* Inquiry on Apache Log4j's Effect on Cygwin Software
@ 2021-12-23 15:19 Iyana Garry
2021-12-23 15:43 ` Bill Stewart
2021-12-23 16:15 ` Brian Inglis
0 siblings, 2 replies; 4+ messages in thread
From: Iyana Garry @ 2021-12-23 15:19 UTC (permalink / raw)
To: cygwin
Is there any confirmation that Cygwin software is not impacted by the Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105)?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Inquiry on Apache Log4j's Effect on Cygwin Software
2021-12-23 15:19 Inquiry on Apache Log4j's Effect on Cygwin Software Iyana Garry
@ 2021-12-23 15:43 ` Bill Stewart
2021-12-23 15:47 ` Eliot Moss
2021-12-23 16:15 ` Brian Inglis
1 sibling, 1 reply; 4+ messages in thread
From: Bill Stewart @ 2021-12-23 15:43 UTC (permalink / raw)
To: cygwin
On Thu, Dec 23, 2021 at 8:19 AM Iyana Garry wrote:
Is there any confirmation that Cygwin software is not impacted by the
> Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and
> CVE-2021-45105)?
>
I'm not sure why there would need to be any such confirmation. Log4J is a
Java application logging framework.
Bill
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Inquiry on Apache Log4j's Effect on Cygwin Software
2021-12-23 15:43 ` Bill Stewart
@ 2021-12-23 15:47 ` Eliot Moss
0 siblings, 0 replies; 4+ messages in thread
From: Eliot Moss @ 2021-12-23 15:47 UTC (permalink / raw)
To: cygwin
On 12/23/2021 10:43 AM, Bill Stewart wrote:
> On Thu, Dec 23, 2021 at 8:19 AM Iyana Garry wrote:
>
> Is there any confirmation that Cygwin software is not impacted by the
>> Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and
>> CVE-2021-45105)?
>>
>
> I'm not sure why there would need to be any such confirmation. Log4J is a
> Java application logging framework.
To clarify further, Java on the Windows platform is Windows native.
While it is possible to invoke Java from Cygwin bash, it is the
native Java one would invoke. I am not aware of any Cygwin programs
that require and invoke Java.
Best wishes - Eliot Moss
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Inquiry on Apache Log4j's Effect on Cygwin Software
2021-12-23 15:19 Inquiry on Apache Log4j's Effect on Cygwin Software Iyana Garry
2021-12-23 15:43 ` Bill Stewart
@ 2021-12-23 16:15 ` Brian Inglis
1 sibling, 0 replies; 4+ messages in thread
From: Brian Inglis @ 2021-12-23 16:15 UTC (permalink / raw)
To: cygwin; +Cc: Iyana Garry
On 2021-12-23 08:19, Iyana Garry wrote:
> Is there any confirmation that Cygwin software is not impacted by
> the Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and
> CVE-2021-45105)?
Cygwin neither supports nor packages Java or log4j (Log for Java).
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-12-23 16:15 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-23 15:19 Inquiry on Apache Log4j's Effect on Cygwin Software Iyana Garry
2021-12-23 15:43 ` Bill Stewart
2021-12-23 15:47 ` Eliot Moss
2021-12-23 16:15 ` Brian Inglis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).