|
|
|
|
|
|
by jedwidz
1649 days ago
|
|
|
> Apparently it was intentional, and to me that's a million times worse than if it were a bug that could just be fixed. I've been on an 'archaeological dig' into the Log4j commit history, and sure enough, there's evidence that the formatting behavior was intentional from the outset. My write-up is here: https://jedwidz.hashnode.dev/log4j-vulnerability-what-the-fa... |
|
|