You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Gary D. Gregory (Jira)" <ji...@apache.org> on 2021/12/15 01:26:00 UTC
[jira] [Closed] (LOG4J2-3201) Limit the protocols JNDI can use and restrict LDAP.
[ https://issues.apache.org/jira/browse/LOG4J2-3201?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary D. Gregory closed LOG4J2-3201.
-----------------------------------
Resolution: Fixed
Fix Jira title.
> Limit the protocols JNDI can use and restrict LDAP.
> ---------------------------------------------------
>
> Key: LOG4J2-3201
> URL: https://issues.apache.org/jira/browse/LOG4J2-3201
> Project: Log4j 2
> Issue Type: Bug
> Components: Core
> Reporter: Ralph Goers
> Priority: Major
> Fix For: 2.15.0
>
>
> LDAP needs to be limited in the servers and classes it can access. JNDI should only support the java, ldap, and ldaps protocols by default.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)