![java 7 update 45 offline java 7 update 45 offline](https://virresh.files.wordpress.com/2020/05/screenshot-from-2020-05-01-17-17-45.png)
In particular, the following dependencies were known to be vulnerable to CVE-2021-45046 & have been patched in this release:įor a more detailed look at the changes in 4.46, please take a look at the commit log. This release focuses on dependency updates, primarily that fix the latest Apache Log4j2 vulnerability, CVE-2021-45046, in dependencies used by the Java buildpack.
![java 7 update 45 offline java 7 update 45 offline](http://files.smashingmagazine.com/wallpapers/june-15/strawberry-fields/cal/june-15-strawberry-fields-cal-1440x900.jpg)
I'm pleased to announce the release of the java-buildpack, version 4.46. If you are using ProtectApp and have a support contract with the vendor, we suggest you file a ticket and also request a patch. Because this needs to come from a 3rd party vendor we cannot provide a timeline for when this will happen. We have contacted the vendor to request one and are awaiting a fix.
![java 7 update 45 offline java 7 update 45 offline](https://cdn.neow.in/news/images/uploaded/java.jpg)
If you are using an online version of the Java buildpack you do not strictly need this update, as the online buildpack will always pick the latest version of dependencies.įor a more detailed look at the changes in 4.47, please take a look at the commit log. In particular, the following dependencies have been updated to include Log4j 2.17.0 and have been patched in this release: This release focuses on dependency updates, primarily that fix the latest Apache Log4j2 vulnerability, CVE-2021-45105, in dependencies used by the Java buildpack. I'm pleased to announce the release of the java-buildpack, version 4.47. We recommend that everyone read the linked release notes for the versions of the JVM you are consuming in preparation for upgrading buildpacks. These are quarterly updates that bring in bug and security fixes.