Java and log4j would like a word with you. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		chucke on Jan 8, 2022 \| parent \| context \| favorite \| on: A routine gem update ended up creating $73k worth ... Java and log4j would like a word with you.

jorams on Jan 8, 2022 [–]

The problem with log4j is that they didn't introduce a breaking change, allowing vulnerable functionality the maintainers already considered problematic to stick around.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact