Oracle Database Discussions

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

we have to replace the log4j-core file with latest version log4j-2.17 to avoid vulnerability.

User_6OFH4Dec 21 2021

we have to replace the log4j-core file with latest version log4j-2.17 to avoid vulnerability.
we are just replacing the file at the the path product\12.1.0\dbhome_1\ccr\lib\log4j-core.jar
with product\12.1.0\dbhome_1\ccr\lib\log4j-2.17.jar.
is this sufficient to change the version of log4j or anything else we need to do ?

Added on Dec 21 2021

#general-database-discussions

5 comments

8,346 views