1,126
edits
Difference between revisions of "Apache Log4j & CMOD ODWEK ICN"
Apache Log4j & CMOD ODWEK ICN (view source)
Revision as of 15:05, 11 December 2021
, 15:05, 11 December 2021Added options for CMOD Log4j mitigations.
(Minor updates to reflect ICN log4j vulnerability) |
m (Added options for CMOD Log4j mitigations.) |
||
| Line 60: | Line 60: | ||
* Install the new library to a location of your choice, and add that location at the front of your CLASSPATH environment variable, so that it is found first in the search path. | * Install the new library to a location of your choice, and add that location at the front of your CLASSPATH environment variable, so that it is found first in the search path. | ||
...or... | |||
* If your network security and system architecture provide reasonable protection from exploitation of this bug, you can opt to do nothing, and wait for the next [[https://cmod.wiki/index.php?title=Main_Page#IBM_CMOD_Fixpacks_.26_Security_Bulletins CMOD Fixpack]]. | |||
Whichever option you choose, it is critical that you test the new solution before moving it into production. | |||
== Questions for IBM == | == Questions for IBM == | ||