Log4j2 Vulnerability CVE-2021-44228 at MITRE

Hi, The Messaging API for Java (jcsmp) 10.12.1 has reference to commons-logging-1.2 which in turn uses log4j 1.2.17, will there be fix for this?