CVE-2021-44228 mitigation needed?CVE-2021-44228 mitigation needed?https://liferay.dev/c/message_boards/find_thread?p_l_id=119785294&threadId=1212936772026-04-07T12:10:47Z2026-04-07T12:10:47ZRE: RE: CVE-2021-44228 mitigation needed?Fredi Bhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1212976142021-12-14T14:40:34Z2021-12-14T14:40:34Z<p>Cool and relaxed answer.</p>
<p>However, in your linked blog article there are different answers to
OPs Question.</p>
<p>David and Liferay-Support communicate Liferay-Versions below 7.4 do
not use the affected Version.</p>
<p>Community and our intern audit reveal that Liferay-Versions below 7.4
do atleast bring along a affected Version.</p>
<p>Is it possible to atleast get a concrete statement to the affected version?</p>
<p>Who can answer the question better than Liferay-Employees or Gurus?</p>
<p> </p>Fredi B2021-12-14T14:40:34ZRE: CVE-2021-44228 mitigation needed?Olaf Kockhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1212968822021-12-14T09:31:22Z2021-12-14T08:07:13Z<p>As this server had a few issues publishing posts: By now most of the
excitement might be gone, but for completeness: <a href="https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability">https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability</a></p>Olaf Kock2021-12-14T08:07:13ZCVE-2021-44228 mitigation needed?Fernando Fernandezhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1212936762021-12-13T18:02:24Z2021-12-10T17:44:11Z<p>Hi all,</p>
<p>Just wondering if we should panic about log4j's <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228">CVE-2021-44228</a>.
Anybody looked into this already?</p>
<p>TIA</p>
<p>Fernando</p>Fernando Fernandez2021-12-10T17:44:11Z