: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Hi Scott,
While we do include those files in the distribution of ArchivesSpace, they are
not actually used by the application in production mode. They are part of our
development dependencies used to enable file reloading while the
021 13:45
To: Archivesspace Users Group
; SUTHERLAND Ianthe
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
This email was sent to you by someone outside the University.
You should only click on links or attachments if you are certain that the email
is genuin
__
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Steele,
Henry
Sent: Monday, December 13, 2021 1:52 PM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Are people on earlier versions of ArchivesSpace ,
Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
While ArchivesSpace itself might not be vulnerable, those who run an extrrnal
Solr instance should be aware that it itself may be, see
https://solr.apache.org/security.html#apache-solr-affected-by-apache
.
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Steele,
Henry
Sent: Monday, December 13, 2021 1:52 PM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Are people on earlier versions of
t: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
While ArchivesSpace itself might not be vulnerable, those who run an extrrnal
Solr instance should be aware that it itself may be, see
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
for
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Tom
Hanstra
Sent: 11 December 2021 13:21
To: Archivesspace Users Group
Subject: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
There is a lot of buzz right now about the log4j
lyralists.lyrasis.org>
> *Subject:* [Archivesspace_Users_Group] log4j vulnerability in
> ArchivesSpace?
>
> There is a lot of buzz right now about the log4j exploit being used
> against Java applications. Does anyone know if ArchivesSpace is vulnerable
> to these ex
There is a lot of buzz right now about the log4j exploit being used against
Java applications. Does anyone know if ArchivesSpace is vulnerable to these
exploits?
Tom
--
*Tom Hanstra*
*Sr. Systems Administrator*
hans...@nd.edu
___
Archivesspace_Users_Gro