perfsonar-user - Re: [perfsonar-user] Reccomendation for mitigating log4j vuln
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Hans Kuhn <>
- To: Mark Feit <>
- Cc:
- Subject: Re: [perfsonar-user] Reccomendation for mitigating log4j vuln
- Date: Fri, 10 Dec 2021 11:52:07 -0800
On 10 Dec 2021, at 11:21, Mark Feit wrote:
> Hans Kuhn writes:
>
> Thanks Mark! Can you reassure me that this doesn't apply to pS even tho it
> runs log4j 1.x?
>
> "The 1.x series of Log4j is also vulnerable to this issue when using the
> JMS Appender class."
>
> All of our Log4j logging goes to files via the RollingFileAppender. You
> can see that in the configuration we ship here:
> https://github.com/perfsonar/maddash/blob/master/maddash-server/etc/log4j.properties.
>
> --Mark
Hi Mark,
Thanks for the clarification! I also appreciate the pointer to log4j's
configuration as I'm still evaluating the rest of our services that rely on
java.
best, Hans
- [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Hans Kuhn, 12/10/2021
- Re: [perfsonar-user] Reccomendation for mitigating log4j vuln, Mark Feit, 12/10/2021
Archive powered by MHonArc 2.6.24.