whilst NOT vulnerable to the recent CVE, the log4j dependencies in PUM were left arbitrarily defined by the platform, this update explicitly depends on 1.2.17-atlassian-13 for avoidance of doubt.
CollapsedExpanded1.2.2Jira Server 8.0.0 - 8.21.12021-12-15log4j dependencies now explicitly declared
whilst NOT vulnerable to the recent CVE, the log4j dependencies in SU were left arbitrarily defined by the platform, this update explicitly depends on 1.2.17-atlassian-13 for avoidance of doubt.
CollapsedExpanded1.2.1Jira Data Center 8.0.1 - 8.20.102021-07-28compatibility build for Jira 8.18.x