This Week in JBoss - 20 December 2021
Hello! With a bit of delay, here is our very last editorial of the year! Sadly, it focus point has to be the log4j vulnerability,but we also ensured there was some interesting and exciting news too. Enjoy and happy holidays!
log4j Security vulnerabilities
Sadly, we have to start our editorial with a less-than-ideal piece of news. In case, you somehow missed, be aware that some vulnerabilities have been found in Log4J. Being one of the most used Java library, it is a rather critical issue. Please take look at this article to know How to fix Log4j CVE-2021-44228.
Some other projects from the JBoss community may also have been impacted. Please check any project you are currently using and see if, like KIE or InfiniSpan, they have provided information on the impact of the vulnerability.
Note that, on the bright side, Quarkus is not affected by the Log4J Vulnerability.
Wildfly 26 is here!
With the nasty security vulnereablity on log4j, it’s certainly time to look at some new security features coming in either Elytron or Wildly (or both):
Releases, releases, releases…
As always, the JBoss community has been quite actived and released quite a lot:
That’s all for today! Please join us again next year for another round of our JBoss editorial!