Kiwi R3 2021 - Log4j vulnerability verification and correction

Description

The 'formatMsgNoLookups' property was added in version 2.10.0, per the JIRA Issue LOG4J2-2109 that proposed it. Therefore the 'formatMsgNoLookups=true' mitigation strategy is available in version 2.10.0 and higher, but is no longer necessary with version 2.15.0, because it then becomes the default behavior .

CSP Request Details

None

CSP Rejection Details

None

Environment

None

Potential Workaround

None

Linked issues

Checklist

hide

TestRail: Results

Activity

Show:

Ann-Marie Breaux December 28, 2021 at 4:00 PM

Per @Kateryna Senchenko no separate Lotus Jira required, since the Lotus RMB update takes care of the log4j issue for Lotus

Oleksii Petrenko December 21, 2021 at 9:29 AM

Deployed to Kiwi BF. Closing

Kateryna Senchenko December 14, 2021 at 12:20 PM

PR can be found linked to https://folio-org.atlassian.net/browse/MODDICONV-215#icft=MODDICONV-215

Done

Details
Assignee
Kateryna Senchenko
Reporter
Oleksii Petrenko
Labels
back-enddata-importepam-folijet
Priority
P1
Story Points
0.5
Sprint
None
Development Team
Folijet
Parent
FOLREL-505 R3 2021 Kiwi - Log4j update
Fix versions
1.12.1
Release
R3 2021 Bug Fix
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs

Created December 14, 2021 at 12:04 PM

Updated December 28, 2021 at 4:00 PM

Resolved December 15, 2021 at 11:38 AM

Configure

TestRail: Cases

TestRail: Runs

Kiwi R3 2021 - Log4j vulnerability verification and correction

Description

CSP Request Details

CSP Rejection Details

Environment

Potential Workaround

Linked issues

blocks

defines

relates to

Checklist

TestRail: Results

Activity

Ann-Marie Breaux December 28, 2021 at 4:00 PM

Oleksii Petrenko December 21, 2021 at 9:29 AM

Kateryna Senchenko December 14, 2021 at 12:20 PM

Details

Assignee

Reporter

Labels

Priority

Story Points

Sprint

Development Team

Parent

Fix versions

Release

TestRail: Cases

TestRail: Runs

Flag notifications

Something's gone wrong