Considering the log4j java exploit with a 10/10 risk, do I need to worry about that?
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
I'm not sure if this is always an integral part of Apache (or would you need to install that separately). If so, will a patched version be released to the community channel soon?
Sorry, I'm not the greatest expert on this matter. Just want to keep my server clean.
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
I'm not sure if this is always an integral part of Apache (or would you need to install that separately). If so, will a patched version be released to the community channel soon?
Sorry, I'm not the greatest expert on this matter. Just want to keep my server clean.
Share this post:
Accepted Answer
log4j is not installed by default and according to RedHat's advisory, RHEL7, so ClearOS 7, is not affected.
Responses (4)
-
Accepted Answer
Nick Howitt wrote:
Not that I've bumped into, but I have not used all the packages. It does not matter anyway as Redhat say the CVE is not applicable to their (and our) version of log4j.
log4j is not installed by default and according to RedHat's advisory, RHEL7, so ClearOS 7, is not affected. -
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »