Log4j XCode vulnerability - resolu… | Apple Developer Forums
source link: https://developer.apple.com/forums/thread/696785
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Log4j XCode vulnerability - resolution eta?
It appears that the current version of XCode 13.2 contains the Log4j vulnerability. Are others seeing this? Does anyone know if this being addressed and if some when we should expect an updated version without this vulnerability?
-
How? Java isn't installed on macOS.
—2 days ago
-
Xcode does include a Java runtime environment - the App Store upload has always used Java tooling in its delivery mechanism and ships a Java Runtime Environment: % /Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/itms/java/bin/java -version openjdk version "14.0.2" 2020-07-14 OpenJDK Runtime Environment 14.0.2-5906ce1373 (build 14.0.2+12-iTunesOpenJDK-8) OpenJDK 64-Bit Server VM 14.0.2-5906ce1373 (build 14.0.2+12-iTunesOpenJDK-8, mixed mode
—1 day ago
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK