While ArchivesSpace itself might not be vulnerable, those who run an extrrnal Solr instance should be aware that it itself may be, see https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 for more information and some possible workarounds.
p ________________________________ From: archivesspace_users_group-boun...@lyralists.lyrasis.org <archivesspace_users_group-boun...@lyralists.lyrasis.org> on behalf of Tom Hanstra <hans...@nd.edu> Sent: 11 December 2021 13:21 To: Archivesspace Users Group <archivesspace_users_group@lyralists.lyrasis.org> Subject: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace? There is a lot of buzz right now about the log4j exploit being used against Java applications. Does anyone know if ArchivesSpace is vulnerable to these exploits? Tom -- Tom Hanstra Sr. Systems Administrator hans...@nd.edu<mailto:hans...@nd.edu> [https://docs.google.com/uc?export=download&id=1GFX1KaaMTtQ2Kg2u8bMXt1YwBp96bvf0&revid=0B7APN9POn6xAQ244WWFYMFU3aVJwZ0lxbmVHK3FxNXlCd0RRPQ]
_______________________________________________ Archivesspace_Users_Group mailing list Archivesspace_Users_Group@lyralists.lyrasis.org http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group