Ivy 10: uses a secure Log4j2 release
Meanwhile, we have released Axon Ivy 10.
Since it is based on Axon Ivy 9.x, it also includes a non-vulnerable release of log4j2 (initially log4j2 2.0.17.1).
Axon Ivy 10 is not affected by this vulnerability since its initial 10.0.0 release.
None of the fixes cited above are required in Axon Ivy 10.
You can download it here: https://dev.axonivy.com/download/10.0
New Logging Features
One of the advantages of log4j2 is that we now offer live changes of logging configurations: You are no longer required to stop the server, update the logging configuration and restart the server.
You can make and save a change and it is implemented immediately in the ivy logs.