X-Recipient: archive-cygwin AT delorie DOT com
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org E8BD4385841C
Authentication-Results: sourceware.org; dmarc=none (p=none dis=none)
 header.from=SystematicSw.ab.ca
Authentication-Results: sourceware.org;
 spf=none smtp.mailfrom=systematicsw.ab.ca
X-Authority-Analysis: v=2.4 cv=FrgWQknq c=1 sm=1 tr=0 ts=61c4a0be
 a=T+ovY1NZ+FAi/xYICV7Bgg==:117 a=T+ovY1NZ+FAi/xYICV7Bgg==:17
 a=IkcTkHD0fZMA:10 a=iMpC6L0jGsNNbTZxuiUA:9 a=QEXdDO2ut3YA:10
Message-ID: <ce027305-0c14-f920-3f15-3250a1edf345@SystematicSw.ab.ca>
Date: Thu, 23 Dec 2021 09:15:57 -0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Thunderbird/91.4.1
Subject: Re: Inquiry on Apache Log4j's Effect on Cygwin Software
Content-Language: en-CA
To: cygwin AT cygwin DOT com
References: <MW5PR16MB4715B5B954FCFE75D451F6E7D77E9 AT MW5PR16MB4715 DOT namprd16 DOT prod DOT outlook DOT com>
From: Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>
Organization: Systematic Software
In-Reply-To: <MW5PR16MB4715B5B954FCFE75D451F6E7D77E9@MW5PR16MB4715.namprd16.prod.outlook.com>
X-CMAE-Envelope: MS4xfDVQIEPuS+Yqfs+dzfgBTugpEl8q5yGB45aw2SBn5K6wA5bGzD9FsC64l9CA8A6n9B6pPPWknq7vYzZUKOKe+dEakqxb33CD8gmP2fUygjUl0VQQvLv3
 Dhktfl5PyJPuFUXcZPHCQHoTgIUDp9+Ql372zQTcY2ER/x9SSpqUIFAlQDCv9SJ74yMS04VGHaUQVMrKpToXCHWoJke1lUkKWau3FpbpIHJCIv1v4m0ewZmP
X-Spam-Status: No, score=-1164.7 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 KAM_LAZY_DOMAIN_SECURITY, NICE_REPLY_A, RCVD_IN_BARRACUDACENTRAL,
 RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE,
 TXREP autolearn=no autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Reply-To: cygwin AT cygwin DOT com
Cc: Iyana Garry <igarry AT nardelloandco DOT com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

On 2021-12-23 08:19, Iyana Garry wrote:
> Is there any confirmation that Cygwin software is not impacted by
> the Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and 
> CVE-2021-45105)?
Cygwin neither supports nor packages Java or log4j (Log for Java).

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple