You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by Randall Woodruff <rw...@niksun.com> on 2021/12/16 15:26:15 UTC
Log4j response
Is the Apache Ignite group aware of any current vulnerabilities presented by log4j within Ignite or planning on issuing any guidance or advice in regards to log4j and Ignite?
Thank you,
Randall
Re: Log4j response
Posted by Stephen Darlington <st...@gridgain.com>.
This is the best public summary I’ve seen so far:
https://www.gridgain.com/resources/blog/what-you-need-know-about-log4j-vulnerabilities-apache-ignite-and-gridgain <https://www.gridgain.com/resources/blog/what-you-need-know-about-log4j-vulnerabilities-apache-ignite-and-gridgain>
In summary, there are immediate mitigations you can apply and there should be new releases shortly that incorporate the fixed version of log4j2.
> On 16 Dec 2021, at 15:26, Randall Woodruff <rw...@niksun.com> wrote:
>
> Is the Apache Ignite group aware of any current vulnerabilities presented by log4j within Ignite or planning on issuing any guidance or advice in regards to log4j and Ignite?
>
> Thank you,
> Randall