Kiwi R3 2021 - Log4j vulnerability verification and correction

Description

The 'formatMsgNoLookups' property was added in version 2.10.0, per the JIRA Issue LOG4J2-2109 that proposed it. Therefore the 'formatMsgNoLookups=true' mitigation strategy is available in version 2.10.0 and higher, but is no longer necessary with version 2.15.0, because it then becomes the default behavior .

Environment

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:

Oleksii Petrenko December 21, 2021 at 9:28 AM

Deployed to Kiwi BF. Closing

Michelle Suranofsky December 16, 2021 at 7:53 PM

@Craig McNally - yes I am. thank you!

Craig McNally December 16, 2021 at 6:01 PM

@Michelle Suranofsky I wanted to make sure that you're upgrading to log4j 2.16.0. I think this task was created prior to it's release.

Done

Details

Assignee

Michelle Suranofsky

Reporter

Oleksii Petrenko

Labels

back-end

Priority

Story Points

Development Team

Lehigh

Parent

FOLREL-505 R3 2021 Kiwi - Log4j update

Fix versions

1.9.1

Release

R3 2021 Bug Fix

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created December 14, 2021 at 12:04 PM

Updated December 21, 2021 at 9:28 AM

Resolved December 17, 2021 at 10:56 AM

Configure

TestRail: Cases

TestRail: Runs

Kiwi R3 2021 - Log4j vulnerability verification and correction

Description

Environment

Potential Workaround

Checklist

TestRail: Results

Activity

Oleksii Petrenko December 21, 2021 at 9:28 AM

Michelle Suranofsky December 16, 2021 at 7:53 PM

Craig McNally December 16, 2021 at 6:01 PM

Details

Assignee

Reporter

Labels

Priority

Story Points

Development Team

Parent

Fix versions

Release

TestRail: Cases

TestRail: Runs

Flag notifications

Something's gone wrong