Hi Murugaiyan,
The Eclipse Orbit project should be treated like Maven Central. Hence, it is not secure. The old version will still be available for download in the archives.
However, the Log4J version has been updated by volunteers to the latest available one. Thus, mitigation is available.
-Gunnar
Hello Orbit Team, I work for BOSCH Group and we mostly use the Eclipse Framework to construct applications. In the recent times globally everyone knew about the Apache Log4j contains some Security Vulnerability issue and as a result all of the issues have a mitigation action. However, I was unable to locate any information regarding the Eclipse Orbit Project. Could you please help us out in clarifying whether Eclipse Orbit is secure ? Thank you very much. Mit freundlichen Grüßen / Best regards
Murugaiyan Deepthi
ES-CDG-Methods Tools (RBEI/EMT5) Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY | www.bosch.com Tel. +91 422 619-1119 | Fax +91 422 663-4104 | Deepthi.Murugaiyan@xxxxxxxxxxxx
Registered Office: Stuttgart, Registration Court: Amtsgericht Stuttgart, HRB 14000; Chairman of the Supervisory Board: Prof. Dr. Stefan Asenkerschbaumer; Managing Directors: Dr. Stefan Hartung, Dr. Christian Fischer, Filiz Albrecht, Dr. Markus Forschner, Dr. Markus Heyn, Rolf Najork _______________________________________________orbit-dev mailing listorbit-dev@xxxxxxxxxxxTo unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/orbit-dev
|