This just in from Canonical. The following two commands are to be run in a terminal window, and they check the vulnerability of your system/server to the respective CVE:
$ sudo ua fix CVE-2021-44228
$ sudo ua fix CVE-2021-45046
Ideally you want the result:
CVE-2021-45046: Apache Log4j 2 vulnerability
No affected packages are installed.
✔ CVE-2021-45046 does not affect your system.
Safe computing, y’all!