Merge pull request #66 from linuxserver/davos-update

content/issues/2021-12-13-log4j.md

@@ -25,6 +25,7 @@ Multiple vulnerabilities ([CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-
 * [Airsonic](https://github.com/linuxserver/docker-airsonic) (No log4j-core in use)
 * [HABridge](https://github.com/linuxserver/docker-habridge) (No log4j-core in use)
 * [Unifi Controller](https://github.com/linuxserver/docker-unifi-controller) - `version-6.5.55` and later (Workaround applied + upstream fix)
+* [Davos](https://github.com/linuxserver/docker-davos) `version-2.2.2` and later (Upstream fix)
 
 The following Linuxserver containers have been confirmed not to be affected by CVE-2021-44228 due to existing mitigations, upstream patches, or workarounds applied to the container images, but may still be vulnerable to CVE-2021-45046.
 
@@ -34,7 +35,6 @@ The following Linuxserver containers have been confirmed not to be affected by C
 
 The following Linuxserver containers are known to be using a vulnerable version of log4j in their current versions and cannot be mitigated by us. This does not mean they are definitely exploitable, but they may be, especially if exposed to the internet.
 
-* [Davos](https://github.com/linuxserver/docker-davos)
 * [Booksonic](https://github.com/linuxserver/docker-booksonic) (Deprecated)
 
 The following Linuxserver containers are unconfirmed as to their vulnerability status, but are Java based and so may be using log4j in some capacity.