Running the script: println(java.util.logging.Logger.class) does indicated that Apache logger (built on top of Log4j) is present in the LTS version of Jenkins.
On Sunday, December 12, 2021 at 11:39:55 a.m. UTC-5 [email protected] wrote: > Hi Kritesh, > > Thank you for this info. > > The problem with that example is that Apache java.util.logging is built on > top of Log4j but does not identify as such. I am not convinced that this > test is sufficient. > > Sincerely, > Randall > > On Sunday, December 12, 2021 at 11:34:15 a.m. UTC-5 [email protected] > wrote: > >> I am following for the same issue… found below info on community page >> regarding this vulnerability. >> >> https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ >> >> >> Thanks & Regards, >> Kritesh >> >> On Sun, Dec 12, 2021 at 9:27 AM [email protected] <[email protected]> >> wrote: >> >>> Hi All, >>> >>> I am looking for any information relating to whether the Zero Days CVE >>> has any impact on Jenkins or Plugins. We do know that the java.util.logging >>> is built on log4j, but do not know whether protections are in place to >>> prevent this vulnerability from being exploited, and where. For example, >>> could a command in a pipeline trigger this vulnerability. >>> >>> This is a somewhat urgent request. >>> >>> Thanks, >>> Randall >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Jenkins Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/jenkinsci-users/4e157a13-bfba-425a-81ae-b93cdd845f9dn%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/jenkinsci-users/4e157a13-bfba-425a-81ae-b93cdd845f9dn%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/2fb5cbcd-d452-4877-962a-80ca8c1cfc43n%40googlegroups.com.
