There is a little bit of java code in HTCondor that assists in running user applications written in java (i.e. the java universe), but none of it uses log4j. To our knowledge, the HTCondor Software Suite is not affected by the CVE-2021-44228 log4j vulnerability.
unsubscribe, send a message to
htcondor-users-request@xxxxxxxxxxx with a
can also unsubscribe by visiting
archives can be found at:
That was my impression too Steve. Just after a statement from the developers.
htcondor is not written in Java, why would there be any log4j dependencies? Checked all my condor installations and don't see log4j as part of it. Of course there should be an official note from the developers.
Just wondering if or when the HTCondor Team might be able to release information about HTCondor and the
CVE-2021-44228 log4j vulnerability.
e.g. not used so no problem, or used but old version not impacted, or used and this is the mitigation/upgrade.
We, and I assume every other IT dept. are being pushed hard for info from vendors about this.