[postgis-users] CVE reported on log4j - is PostGIS affected?

karsten karsten at terragis.net
Tue Dec 14 00:49:47 PST 2021

I am by no way an expert -  but since log4j is based on Java 
and Postgresql / PostGIS is not (instead based on C)
there should be no way that there would be any issues related to
Postgresl/postgis alone

Anyone please let me know if I am wrong

-----Original Message-----
From: postgis-users [mailto:postgis-users-bounces at lists.osgeo.org] On Behalf
Of Ulrich Selgert
Sent: Tuesday, December 14, 2021 00:41
To: postgis-users at lists.osgeo.org
Subject: [postgis-users] CVE reported on log4j - is PostGIS affected?


does anybody know if PostGIS is vulnerable to the CVE that has been reported
on the logging implementation log4j?

Best regards
postgis-users mailing list
postgis-users at lists.osgeo.org

More information about the postgis-users mailing list