In order to avoid a possible conflict between OWS and the actual JNLP applications, both icedtea-web and OpenWebStart dispense with as many dependencies as possible. Therefore, OWS uses its own logging framework which is not affected by the Log4Shell exploit.
The code for logging in OWS can be viewed here:
https://github.com/AdoptOpenJDK/IcedTea ... eb/logging
Clarification about Log4J vulnerability
The public knowledge pool and discussion forum of the OWS community. Do not post confidential information here!
- Posts: 550
- Joined: 24 Mar 2020, 13:37