libapache2-mod-shib2 log4shell-vulnerability

Fri Dec 17 08:53:26 UTC 2021

Hello 
I use "libapache2-mod-shib2" for my SP and "libapache2-mod-shib2" use log4j in shibd.logger (log4j.appender).
Is libapache2-mod-shib2 affected by log4shell-vulnerability?

Here is my version of libapache2-mod-shib2
https://packages.ubuntu.com/source/bionic/shibboleth-sp2 (https://packages.ubuntu.com/source/bionic/shibboleth-sp2)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20211217/e8270a02/attachment.htm>