You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@rocketmq.apache.org by GitBox <gi...@apache.org> on 2022/05/25 02:59:03 UTC

[GitHub] [rocketmq] odbozhou commented on issue #4360: Does RocketMQ support -Dfastjson.parser.safeMode=true to circumvent fastjson vulnerability?

odbozhou commented on issue #4360:
URL: https://github.com/apache/rocketmq/issues/4360#issuecomment-1136670782

   Fastjson 1.2.68 and above version support
   -Dfastjson.parser.safeMode=true Security hardening.
   The fastjson version currently used by rocketmq 4.9.1 is 1.2.76
   Therefore, this method is supported for security reinforcement.
    You can do security reinforcement according to the instructions and precautions in the official fastjson document.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@rocketmq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org