From Randall@21:1/5 to All on Tue Jul 19 07:03:59 2022
If you have not heard about this from me, or HPE, or other places, please have a glace. It is important that you patch or deal with the log4j component to prevent vulnerabilities.
There was a HOTSTUFF that came out a while ago about this. Please read that and mitigate it.
Note: NSGit does not have any vulnerability associated with log4j. Jenkins also does not, unless you have replaced the default log4j version with a bad one.
Regards,
Randall Becker
On behalf of the NSGit team.