Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: zendavidr on December 16, 2021, 11:54:39 am
-
I'm sure many are aware of this issue first reported last week (https://thecyphere.com/blog/log4j-vulnerability/) and wonder if anyone has determined vulnerability of components in Zentyal versions and any patches needed. I'm on Commercial 6.2
-
Hi,
Zentyal uses Perl not Java, so, all the components that Zentyal has developed are not affected to the log4j vulnerability.
Aparently, if the package 'apache-log4j2' wasn't installed by any dependency, it is nothing to worry about.
* https://ubuntu.com/security/notices/USN-5192-1
--
“This world is ours, and by the Holy Light we will keep it safe, now and forever".