Monday, December 13, 2021

Apache Log4j vulnerability "Log4shell"

A very severe security vulnerability named "Log4shell" was found in Apache Log4j. You can read more about it here:

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

We are getting a lot of questions from customers who are concerned if Group-Office is affected by this vulnerability.

Luckily, I can say that Group-Office or it's dependencies never used this software. The Debian package of Group-Office uses the Apache webserver but this is different software.

That said, it might be that you've installed other package on the server that uses it. You can check this with this command:

dpkg -l | grep log4

Note: This makes sure the Debian package is not installed. But it doesn't check if it was installed by other means!




5 comments:

  1. Please just let me go houston doula

    ReplyDelete
  2. Been sitting eyes wide open behind these four walls kitchen cabinets idaho falls

    ReplyDelete
  3. This is such a great resource that you are providing and you give it away for free. egress system near me

    ReplyDelete
  4. Hurrah, that’s what I was exploring for, what stuff! present here at this webpage, thanks, admin of this web page.
    uniraj bsc 1st year result roll number wise

    ReplyDelete