Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

In every non-trivial program there is at least one bug.

computers / comp.sys.tandem / Log4j - Why you should upgrade

SubjectAuthor
o Log4j - Why you should upgradeRandall

1
Log4j - Why you should upgrade

<b22a4212-52bf-4e0c-a9f8-a048e5c975cdn@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=525&group=comp.sys.tandem#525

  copy link   Newsgroups: comp.sys.tandem
X-Received: by 2002:a05:620a:31c:b0:6b5:d5a5:687f with SMTP id s28-20020a05620a031c00b006b5d5a5687fmr11832585qkm.375.1658239440119;
Tue, 19 Jul 2022 07:04:00 -0700 (PDT)
X-Received: by 2002:a25:32d2:0:b0:66e:c56d:4f94 with SMTP id
y201-20020a2532d2000000b0066ec56d4f94mr30578989yby.340.1658239439857; Tue, 19
Jul 2022 07:03:59 -0700 (PDT)
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.sys.tandem
Date: Tue, 19 Jul 2022 07:03:59 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=2607:fea8:3f9d:36e5:4a5:2626:8f8:23c7;
posting-account=6VebZwoAAAAgrpUtsowyjrKRLNlqxnXo
NNTP-Posting-Host: 2607:fea8:3f9d:36e5:4a5:2626:8f8:23c7
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <b22a4212-52bf-4e0c-a9f8-a048e5c975cdn@googlegroups.com>
Subject: Log4j - Why you should upgrade
From: rsbec...@nexbridge.com (Randall)
Injection-Date: Tue, 19 Jul 2022 14:04:00 +0000
Content-Type: text/plain; charset="UTF-8"
X-Received-Bytes: 1725
 by: Randall - Tue, 19 Jul 2022 14:03 UTC

If you have not heard about this from me, or HPE, or other places, please have a glace. It is important that you patch or deal with the log4j component to prevent vulnerabilities.

https://channeldailynews.com/news/log4j-vulnerability-has-reached-endemic-proportions-says-report/77753?utm_source=CDN&utm_medium=enews&utm_campaign=CDN&scid=ed8c7e89-3f63-1128-a221-4e6022be5395

There was a HOTSTUFF that came out a while ago about this. Please read that and mitigate it.

Note: NSGit does not have any vulnerability associated with log4j. Jenkins also does not, unless you have replaced the default log4j version with a bad one.

Regards,
Randall Becker
On behalf of the NSGit team.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor