Follow
We've published a blog post to explain the impact of the log4j security vulnerabilities on the Matrix ecosystem: https://matrix.org/blog/2021/12/15/on-matrix-and-the-log-4-j-vulnerabilities. TL;DR: if you run your own Jitsi or signald (or other java-based component), you need to apply mitigations immediately.
@matrix this took way too long for you to point out. Good thing I decided to drop support for conferencing calling and shit because it was a poorly integrated feature.
