Important Notice:
Regarding the log4j vulnerabilities described in CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105: Our products do not require Log4j and are not vulnerable to the exploits. An older version of log4j (version 1.2.8) is installed with the Flexera License Server that is used to license our products. This version of log4j is not affected by any of the listed vulnerabilities. However, the jar file – C:\Program Files (x86)\FlexNet Publisher License Server Manager\examples\alerter\lib\Log4j-1.2.8.jar – is not required and may be removed. |
