[gimp-web] content: disclaimer about the log4j vulnerabilities.
- From: Jehan <jehanp src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gimp-web] content: disclaimer about the log4j vulnerabilities.
- Date: Thu, 16 Dec 2021 17:02:09 +0000 (UTC)
commit 8dcf0f5d154e6d23885d869dbdb00759870f5d8e
Author: Jehan <jehan girinstud io>
Date: Thu Dec 16 17:58:58 2021 +0100
content: disclaimer about the log4j vulnerabilities.
It seems the request for a statement from us keep coming.
.../2021/2021-12_no_log4j_vulnerability/index.md | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
---
diff --git a/content/news/2021/2021-12_no_log4j_vulnerability/index.md
b/content/news/2021/2021-12_no_log4j_vulnerability/index.md
new file mode 100644
index 00000000..336d22c6
--- /dev/null
+++ b/content/news/2021/2021-12_no_log4j_vulnerability/index.md
@@ -0,0 +1,20 @@
+Title: GIMP is not affected by the log4j vulnerability
+Date: 2021-12-16
+Category: News
+Authors: Wilber
+Slug: no-log4j-vulnerability
+Summary: GIMP is not vulnerable to log4shell.
+Image: /news/2018/04/27/gimp-2-10-0-released/gimp-2-10-0-Wilber-pepper.png
+
+Everyone is asking us if GIMP is vulnerable to the recent `log4j`
+[vulnerabilities](https://logging.apache.org/log4j/2.x/security.html)
+(also dubbed "*log4shell*" in the media, in particular regarding to the
+[CVE-2021-44228](https://www.cve.org/CVERecord?id=CVE-2021-44228)
+zero-day vulnerability).
+
+As an official statement: **no, GIMP is not vulnerable to log4shell!**
+
+We do not use `log4j` and there is not even any Java code in GIMP. So
+enjoy GIMP and feel safe while creating more wonderful artworks 🖼!
+
+📷 Happy GIMPing! 🖌
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
