Why didn't Minecraft get patched with Log4j version 2.17??

This page summarizes the projects mentioned and recommended in the original post on /r/Minecraft
Logging Apache API Java Library

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • Apache Log4j 2

    Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.

    Apache's homepage for Log4j states "Log4j2 versions 2.0-beta7 through 2.17.0 are vulnerable" to this attack and the best course of action is to update to at least 2.17.1. Even version 2.16 was found to have a denial of service vulnerability. So unless you want your poor computer to receive all the requests in the known universe and crash, you need at least version 2.17.1. Meanwhile I'm sitting here doing a system-wide search and I find Minecraft 1.18.1 chillin like a villain with only Log4j version 2.14.1. The hell???

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts