Liferay DXP 7.2 Log4jLiferay DXP 7.2 Log4jhttps://liferay.dev/c/message_boards/find_thread?p_l_id=119785294&threadId=1214562022026-04-07T20:13:15Z2026-04-07T20:13:15ZLiferay DXP 7.2 Log4jAbhay Guptahttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1214562012022-06-27T18:52:03Z2022-06-27T18:52:03Z<p>Hi All</p>
<p>We are using Liferay DXP 7.2. Nessus scan is reporting an outdated
version of Log4j in the osgi state folder. I am not sure on how to
remove this jar. this is the location</p>
<p>user_projects\domains\osgi\state\org.eclipse.osgi\422\0\.cp\lib\log4j-core-2.11.2.jar</p>
<p>I know DXP 7.2 is not impacted but our security team wants us to
update this.</p>
<p>Can you please help us on the steps needed to update the jar version.</p>
<p>Thanks</p>Abhay Gupta2022-06-27T18:52:03Z