: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Hi Scott,
While we do include those files in the distribution of ArchivesSpace, they are
not actually used by the application in production mode. They are part of our
development dependencies used to enable file reloading while
3:45
To: Archivesspace Users Group
; SUTHERLAND Ianthe
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
This email was sent to you by someone outside the University.
You should only click on links or attachments if you are certain that the email
is gen
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Steele,
Henry
Sent: Monday, December 13, 2021 1:52 PM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Are people on earlier versions of ArchivesSpace , e.g. 2.7.1 that
Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
While ArchivesSpace itself might not be vulnerable, those who run an extrrnal
Solr instance should be aware that it itself may be, see
https://solr.apache.org/security.html#apache-solr-affected-by-apache
.
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Steele,
Henry
Sent: Monday, December 13, 2021 1:52 PM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
Are people on earlier versions
: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
While ArchivesSpace itself might not be vulnerable, those who run an extrrnal
Solr instance should be aware that it itself may be, see
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
for more
From: archivesspace_users_group-boun...@lyralists.lyrasis.org
on behalf of Tom
Hanstra
Sent: 11 December 2021 13:21
To: Archivesspace Users Group
Subject: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?
There is a lot of buzz right now about the log4j
g>
> *Subject:* [Archivesspace_Users_Group] log4j vulnerability in
> ArchivesSpace?
>
> There is a lot of buzz right now about the log4j exploit being used
> against Java applications. Does anyone know if ArchivesSpace is vulnerable
> to these exploits?
>
> To
There is a lot of buzz right now about the log4j exploit being used against
Java applications. Does anyone know if ArchivesSpace is vulnerable to these
exploits?
Tom
--
*Tom Hanstra*
*Sr. Systems Administrator*
hans...@nd.edu
___
