The vulnerability is quite nasty. If there is a user string logged in a
log4j line, then you are vulnerable.
I would suspect everyone would need to at least worry about it or risk
becoming a bitcoin harvester.
tim
On Sat, Dec 11, 2021 at 2:19 PM Shawn Heisey wrote:
> On 12/11/21 2:05 PM, Scot
The startup options are shown on the home admin page, in alphabetical order.
Very handy.
wunder
Walter Underwood
wun...@wunderwood.org
http://observer.wunderwood.org/ (my blog)
> On Dec 11, 2021, at 1:09 PM, Scott Derrick wrote:
>
> Trying to mitigate the zero day log4j exploit without upgrad
On 12/11/21 2:05 PM, Scott Derrick wrote:
Trying to mitigate the zero day log4j exploit without upgrading my
solr instance
per
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
I made the following edits :
(Linux/MacOS) Edit your |solr.in.sh| fil
