From: "mame (Yusuke Endoh)" <noreply@...>
Date: 2021-12-23T11:19:40+00:00
Subject: [ruby-core:106776] [Ruby master Bug#18424] Is Ruby is vulnerable to log4j?

Issue #18424 has been updated by mame (Yusuke Endoh).

Status changed from Open to Rejected

The Ruby package itself does not depend on log4j. For an application or library written in Ruby, please ask to its maintainer.

----------------------------------------
Bug #18424: Is Ruby is vulnerable to log4j?
https://bugs.ruby-lang.org/issues/18424#change-95478

* Author: salamani (Ravi Salamani)
* Status: Rejected
* Priority: Normal
* ruby -v: master
* Backport: 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN
----------------------------------------
I observed that the ruby uses zookeeper, dep "slyphon-log4j", "= 1.2.15".
Is Ruby is vulnerable to log4j?



-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>