[ovirt-users] Re: oVirt and log4j vulnerability

Derek Atkins Mon, 13 Dec 2021 05:48:42 -0800

On Mon, December 13, 2021 8:04 am, Gianluca Cecchi wrote:
>>
> If I understood correctly reading here:
> https://blog.qualys.com/vulnerabilities-threat-research/2021/12/10/apache-log4j2-zero-day-exploited-in-the-wild-log4shell
>
> you are protected by the RCE if java is 1.8 and greater than 1.8.121
> (released on 2017)


Do you mean 1.8.0.121?  For example, my system has:

java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64

-derek

-- 
       Derek Atkins                 617-623-3745
       de...@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/32PPOVQZRSIMCQMPVKZAKRZITIGGZ774/

[ovirt-users] Re: oVirt and log4j vulnerability

Reply via email to