I don’t think there is, but just wanted to confirm that VASSAL 3.6.2 is not running log4j2 from the recent CVE 2021-44228.
(Sorry…cyber guy here, not dev…and just spent the whole weekend dealing with this).
Thanks Joel!
We don’t have log4j in our dependency tree, and have not ever, so far as I can recall.
2 Likes