perfsonar-user - [perfsonar-user] Reccomendation for mitigating log4j vuln
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Hans Kuhn <>
- To:
- Subject: [perfsonar-user] Reccomendation for mitigating log4j vuln
- Date: Fri, 10 Dec 2021 10:14:03 -0800
Hi,
What is the perfsonar development team's recommendation for addressing the
RCE vulnerability in log4j that was announced today?
The two options seem to be:
* install patched version of log4j
* Add the 'log4j.formatMsgNoLookups=true' flag to the jvm
thanks,
Hans
details here:
https://logging.apache.org/log4j/2.x/security.html?spm=a2c4g.11174386.n2.5.56b74c07Zg3Nh7
- [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
Archive powered by MHonArc 2.6.24.