subject:"Log4j in Cloudstack"

Re: Log4j in Cloudstack

2021-12-13 Thread Rohit Yadav

ookupFailureException.class Regards. From: Bs Serge Sent: Monday, December 13, 2021 15:17 To: users@cloudstack.apache.org Subject: Re: Log4j in Cloudstack Daan, Thanks for the update, I can see the default log4j configuration uses 1.2.27 : 1.2.17 1.2.17 1.1.1 We'll be

Re: Log4j in Cloudstack

2021-12-13 Thread Bs Serge

Daan, Thanks for the update, I can see the default log4j configuration uses 1.2.27 : 1.2.17 1.2.17 1.1.1 We'll be waiting for the official statement. Best Regards, On Mon, Dec 13, 2021 at 11:12 AM Daan Hoogland wrote: > Serge, > A official statement should be coming out soon, but I think it

Re: Log4j in Cloudstack

2021-12-13 Thread Daan Hoogland

Serge, A official statement should be coming out soon, but I think it is safe to say the ACS is not impacted, for sure with the default log4j configuration. The version we use is not impacted. A colleague PMC member did an exploit attempt and showed it failing. If you are unsure [1] describes what

Log4j in Cloudstack

2021-12-13 Thread Bs Serge

Hi all, I’m sure all of you are aware of what’s going with the Log4j security vulnerability, If not then : - https://www.wired.com/story/log4j-flaw-hacking-internet/ - https://logging-apache-org.translate.goog/log4j/2.x/security.html?_x_tr_sl=de&_x_tr_tl=en&_x_tr_hl=en-US So some of us are wonde