[Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?

Blake Carver blake.carver at lyrasis.org
Sat Dec 11 08:46:28 EST 2021


Almost certainly not, there's no absolutes in this stuff, but from everything I've read it's currently not vulnerable.

This is a bad vulnerability, log4j is all over the place.
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Tom Hanstra <hanstra at nd.edu>
Sent: Saturday, December 11, 2021 8:21 AM
To: Archivesspace Users Group <archivesspace_users_group at lyralists.lyrasis.org>
Subject: [Archivesspace_Users_Group] log4j vulnerability in ArchivesSpace?

There is a lot of buzz right now about the log4j exploit being used against Java applications. Does anyone know if ArchivesSpace is vulnerable to these exploits?

Tom
--
Tom Hanstra
Sr. Systems Administrator
hanstra at nd.edu<mailto:hanstra at nd.edu>

[https://docs.google.com/uc?export=download&id=1GFX1KaaMTtQ2Kg2u8bMXt1YwBp96bvf0&revid=0B7APN9POn6xAQ244WWFYMFU3aVJwZ0lxbmVHK3FxNXlCd0RRPQ]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20211211/49afe663/attachment.html>


More information about the Archivesspace_Users_Group mailing list