The Log4j vulnerabilities came to light earlier this month. I have not written about it as others have a better understanding of how this effects the operating system we love, and have written good articles about it too.
I was sent this link to an IBM Blog entry that describes what you can to remediate these vulnerabilities. And I thought I would share it with you. The blog post is general to all IBM products, not just IBM i and Power systems.
https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
Please share this link with your IBM i system administrators, and ask them to check if any updates need to be applied to your IBM products and environments.
Update
Mike Mayer sent me a couple more links that might help too:
While these are not related to Log4j, Peder Udesen shared these vulnerabilities in RDi:
Simon, a Solution, great. Thanks for sharing. Just another teaching moment from you, helping to keep updated.. thanks
ReplyDelete