[ovirt-users] Is vulnerable log4j package necessary in my ovirt repo?

Thursday, 16 December 2021

Hello,

I found that the vulnerable log4j-2.13.0-1 package is in oVirt
repository, but not installed even after the oVirt setup.
So, I want to remove that package from my private oVirt repository if
it's not necessary.

but I'm not sure what will happen by doing so. Is there any side effects?

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[ovirt-users] Is vulnerable log4j package necessary in my ovirt repo?