From 39459603d4220deeffa10549bb0e7315bb3e45f9 Mon Sep 17 00:00:00 2001 From: Ozzie Isaacs Date: Sat, 19 Mar 2022 18:01:51 +0100 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 26ce3c55..54be54bd 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -36,6 +36,6 @@ To receive fixes for security vulnerabilities it is required to always upgrade t | V 0.6.17 | The SSRF Protection can no longer be bypassed via 0.0.0.0 and it's ipv6 equivalent. Thanks to @r0hanSH || -## Staement regarding Log4j (CVE-2021-44228 and related) +## Statement regarding Log4j (CVE-2021-44228 and related) Calibre-web is not affected by bugs related to Log4j. Calibre-Web is a python program, therefore not using Java, and not using the Java logging feature log4j.