[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] HTCondor and log4j status?

There is a little bit of java code in HTCondor that assists in running user applications written in java (i.e. the java universe), but none of it uses log4j. To our knowledge, the HTCondor Software Suite is not affected by the CVE-2021-44228 log4j vulnerability.

 - Jaime

On Dec 13, 2021, at 8:35 PM, Hitchen, Greg (IM&T, Kensington WA) <Greg.Hitchen@xxxxxxxx> wrote:

That was my impression too Steve. Just after a statement from the developers.
From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> On Behalf Of Steven C Timm
Sent: Tuesday, 14 December 2021 10:25 AM
To: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] HTCondor and log4j status?
htcondor is not written in Java, why would there be any log4j dependencies?  Checked all my condor installations and don't see log4j as part of it.  Of course there should be an official note from the developers.

From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> on behalf of Hitchen, Greg (IM&T, Kensington WA) <Greg.Hitchen@xxxxxxxx>
Sent: Monday, December 13, 2021 4:55 PM
To: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>
Subject: [HTCondor-users] HTCondor and log4j status?
Hi All
Just wondering if or when the HTCondor Team might be able to release information about HTCondor and the
CVE-2021-44228 log4j vulnerability.
e.g. not used so no problem, or used but old version not impacted, or used and this is the mitigation/upgrade.
We, and I assume every other IT dept. are being pushed hard for info from vendors about this.
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting

The archives can be found at: