JDownloader Community - Appwork GmbH
 

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 13.12.2021, 11:39
coalado's Avatar
coalado coalado is offline
JD Manager
 
Join Date: Feb 2009
Posts: 1,985
Default CVE-2021-44228, log4j, JDownloader is NOT affected

CVE-2021-44228, log4j, JDownloader is NOT affected

We just want to let you know that neither JDownloader nor any other of our projects make use of log4j and thus are not affected by this security vulnerability.

Edit: 15.12.2021
Due to a question on Reddit, we would like to get a bit more into detail:

Neither JDownloader itself nor its libraries/dependencies use or contain log4j. This includes all executable code in
- JDownloader.jar
- Core.jar
- All dependencies in the /libs/ folder
- All extensions in the /extensions/ folder
- All plugins in jd/plugins/ folders

If you want to get sure:
Executable code is stored in *.jar files ( And the plugin folders)
You can open these jar files with any ZIP extractor. As long as you don't find any strings or files that start with/contain org.apache.log4j or org.apache.logging.log4j we are fine.
__________________

Last edited by Jiaz; 15.12.2021 at 14:31.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 07:57.
Provided By AppWork GmbH | Privacy | Imprint
Parts of the Design are used from Kirsch designed by Andrew & Austin
Powered by vBulletin® Version 3.8.10 Beta 1
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.