Does the patch for Feko to version 2022.1.3 address Apache Log4j2.2.x vulnerability

Alex Hurd
Alex Hurd Altair Community Member
edited December 2022 in Community Q&A

Our internal security rejected a request to install Feko 2022.1 due to a high-risk assessment for CVE-2021-44228. 

CVE-2021-44228 is associated with the Apache Log4j2.2.x vulnerability.

Is Feko 2022.1.3 fully patched against this?

The release notes make no mention of this. 

Thank you. 

Tagged:

Answers

  • Torben Voigt
    Torben Voigt
    Altair Employee
    edited December 2022

    Hi @Alex Hurd ,

    I have had development confirm that Feko 2022.1 is not affected by this vulnerability.

    Best regards,
    Torben