You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Oleg Cohen <ol...@assurebridge.com> on 2021/12/12 17:18:05 UTC
Re: Karaf 4.3.x "Apache Log4j Remote Code Execution Vulnerability" mitigation?
Thank you!
On Dec 12, 2021, at 10:13 AM, Jean-Baptiste Onofre <jb...@nanthrax.net> wrote:
log4j2.formatMsgNoLookups=true in etc/system.properties should do the trick.
Regards
JB
Le 12 déc. 2021 à 18:10, Oleg Cohen <ol...@assurebridge.com> a écrit :
Hi JB,
Thank you for the info.
Do you have an example of how this can be dome in system.properties?
Best,
Oleg
On Dec 12, 2021, at 10:08 AM, JB Onofré <jb...@nanthrax.net> wrote:
You can use system.properties to set the msg format on existing version.
Else Karaf 4.3.4 will include fix by default.
Le 12 déc. 2021 à 17:54, Paul Spencer <pa...@mindspring.com> a écrit :
For users of Karaf 4.3.x, what is the recommended mitigation for "Apache
Log4j Remote Code Execution Vulnerability", CVE-2021-44228?
Paul Spencer