[jira] [Commented] (LOG4J2-3320) log4j vulnerability / Mitigations

encryptomator (Jira) Tue, 11 Jan 2022 12:52:04 -0800


    [ 
https://issues.apache.org/jira/browse/LOG4J2-3320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17473167#comment-17473167
 ]


encryptomator commented on LOG4J2-3320:
---------------------------------------

ok, thanks for the informations!

I think the other classes I have not configured.
Could someone take another look at my log4j config, please?

https://pastebin.com/GJU6GJNw

> log4j vulnerability / Mitigations
> ---------------------------------
>
>                 Key: LOG4J2-3320
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3320
>             Project: Log4j 2
>          Issue Type: Bug
>            Reporter: encryptomator
>            Priority: Major
>
> Hi,
> I have read that besides the JndiLookup classes, there are others that need 
> to be removed.
> JndiManager, JMSAppender, SMTPAppender.
> Does anyone here know more about this?
> https://fossa.com/blog/quickly-find-remediate-log4j-vulnerabilities-log4shell/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (LOG4J2-3320) log4j vulnerability / Mitigations

Reply via email to