On 18/10/2024 03:49, jaa...@kolumbus.fi wrote:
Hi Andy,
You should upgrade to Jena 5.x to get security updates.
if you mean vulnerability of log4j2 from year 2021, they said that
"The vulnerability of log4j2 does impact Fuseki 3.15 - 3.17, and 4.x.".
So 3.14 should be safe. I just renamed the file log4j2.properties to
log4j.properties, stored it in /jena-fuseki-folder and restarted the container.
log4j1 has a different vulnerability and is end-of-life.
There are Jena resolves CVEs as well.
https://jena.apache.org/about_jena/security-advisories
Andy
I got these messages:
log4j:WARN No appenders could be found for logger
(org.apache.jena.util.FileManager).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more
info.
Do you know what else should I have done ?
Jaana
17.10.2024 11.45 EEST Andy Seaborne <a...@apache.org> kirjoitti:
On 17/10/2024 03:37, jaa...@kolumbus.fi wrote:
I'm running docker.io/stain/jena-fuseki:3.14.0 in podman container on linux redHat host. I a very heavy load it can happen that /var/log/messages-file receives huge amount of INFO-level messages from jena-fuseki. How can I change the log level of my container to get rid of these messages ?
This is similar with https://stackoverflow.com/questions/71615972/change-jena-fuseki-logging-level https://stackoverflow.com/questions/71615972/change-jena-fuseki-logging-level , but the problem now is that I cannot find the file log4j2.properties from inside the container.
Br, Jaana
3.14.0 used log4j1 The file will be called log4j.properties.
If it does not exist, then the server uses a built in default. You can
place a logging setup in the container at the expected pl;ace and it
should use on start-up.
You should upgrade to Jena 5.x to get security updates.
Andy
