Since the discovery of first major CVE related to Log4j we had to fix several components in Reliza Hub exposed to this vulnerability.
There was some back-and-forth with more CVEs published, after which we updated components one more time to make sure we are at 2.17.0 version of Log4j. This effort concluded on December 18, 2021 with all our components being patched successfully.
For core Reliza Hub offering no action is required from our clients as all servers have been patched on our side.
However, If you are using any of our Java based components, please find below safe versions to update to:
- If you are using Reliza Java Client (SDK), please make sure to use version 0.1.99 or newer.
- If you are using Reliza Integration Plugin for Jenkins, please make sure to use version 0.1.15 or newer.