Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Juniper R2 2021 - Log4j vulnerability verification and correction

Description

The 'formatMsgNoLookups' property was added in version 2.10.0, per the JIRA Issue LOG4J2-2109 that proposed it. Therefore the 'formatMsgNoLookups=true' mitigation strategy is available in version 2.10.0 and higher, but is no longer necessary with version 2.16.0, because it then becomes the default behavior .

Environment

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:

Julian Ladisch December 20, 2021 at 10:27 AM

Juniper and Kiwi both have been upgraded from mod-copycat:1.1.1 to mod-copycat:1.1.2:

https://github.com/folio-org/platform-complete/blob/R2-2021/install.json

The later has the log4j fix (via RMB 33.2.2): https://github.com/folio-org/mod-copycat/releases/tag/v1.1.2

 

Done

Details

Assignee

Reporter

Labels

Priority

Development Team

Mjolnir

Parent

Fix versions

Release

R2 2021 Hot Fix #5

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created December 15, 2021 at 11:16 AM
Updated September 21, 2022 at 12:20 PM
Resolved December 20, 2021 at 10:27 AM
Configure
TestRail: Cases
TestRail: Runs