Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Search

Breadcrumbs

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

Download log4j 2.17.0 or 2.16.0 from here.
Replace all log4j 2.x jar files with their respective equivalents from the downloaded version zip file while keeping the original file name.

Example:

You need to replace these files

log4j-1.2-apiif found: log4j-core-2.14**.jar
then remove log4j-coreapi-2.14**.jar
copy log4j-core-2.17**.0.jar over to
log4j-slf4j-coreimpl-2.14**.jar
repeat for any other log4j 2.x file found.

You will need to apply this procedure for these files

Example:

if found: log4j-core-2.14.jar
then remove log4j-core-2.14.jar
log4j-1.2-api-2.**.jar
log4j-api-2.**.jar
copy log4j-core-2.17.0.jar over to
log4j-core-2.**14.jarlog4j-slf4j-impl-2.**.jar
repeat for any other log4j 2.x file found.

See the detailed procedure to mitigate the risk concerning the CVE-2021-44228 vulnerability.

...

No Magic, Inc. Copyright © 1998 – 2024 No Magic, Incorporated, a Dassault Systèmes company – All Rights Reserved.