Following a serious vulnerability discovered in the Apache Log4j logging library, I wanted to know if Gitea is affected by this vulnerability.
If so, what actions were taken to correct this vulnerability?
Thank you for your feedback.
Gitea itself is written with Golang as backend language so it never used Apache Log4j. And of course, Gitea could connect to Elastic Search to index codes. If you are using Gitea with Elastic Search and it’s affetcted by log4j, maybe you need to upgrade Elastic Search. I will post this to our twitter https://twitter.com/giteaio so that more people know that.
Thank you for your reply.
I think it is a good idea topost this to your twitter.
Have a good day.