Good day,
We are currently using the last provided
Pentaho Community Edition version (9.2.0.0-290), available on Pentaho from Hitachi Vantara - Browse /Pentaho-9.2 at SourceForge.net and would like to understand if there is a timeline for when a new version will be provided that fixes the log4j vulnerability. When is it planned for a new version to be available?
Furthermore, we have already done the remediation actions and would like to understand if it is possible to manually update the affected files so that the java and log4j affected versions are no longer detected in our installation.
Any help on this matter is appreciated.
Thank you.
------------------------------
Andre Rosa
------------------------------