[GitHub] [logging-log4j2] ahahu commented on pull request #608: Restrict LDAP access via JNDI

ahahu commented on pull request #608: URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-991354707 I'd also like to stress, that it is not sufficient to mitigate this vulnerability by using a JRE/JDK version which prevents the RCE, nor should you rely solely on your firewa

[GitHub] [logging-log4j2] ahahu commented on pull request #608: Restrict LDAP access via JNDI

ahahu commented on pull request #608: URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-991354707 I'd also like to stress, that it is not sufficient to mitigate this vulnerability by using a JRE/JDK version which prevents the RCE, nor should you rely solely on your firewa