Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[eclipse-dev] Eclipse-Dev Jars: Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)
  • From: "Kumar, Amit (Noida)" <amit.kumar5@xxxxxxxxxx>
  • Date: Thu, 16 Dec 2021 07:05:32 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fiserv.com; dmarc=pass action=none header.from=fiserv.com; dkim=pass header.d=fiserv.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VxD48x795UkiO9zkfJ85WyyqiZdArBG6X5RnrTTMPXE=; b=WC+3QBI5ruddXtCDRIfkyHiBx3h3CRyFksCc/sNL1MD+uMpUPCNaqbdbvcCtrfJh0hrR0BOoIVZLCqDKlLFRTA6uz0x3XvTAcvRrFHkHZkTN70ruAfs9iqYAn1YtDxMDD3ZkXMwNxihfRufNnEpSLJblih+4AderFLJ4u7Ng84TguLYcQtpA835nSwbpyAtnISK8QjF44ju2PfXvpNGZNM6FXx6vxQPEJ2DsDUYaiXFqIXnBFbcrrNahGstaJ5z7W+NgVHlWaGJF2wRK6fohqjJfLf11zaQvwxKLJ0qG5voq4JwHJDkAYnSH7dvjLtQc0rTd/0esdRmAq+L5T54skg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ni8/tZRBYcGbYVZ8+gmDnGdP9gburHIxKX+3c90UfgysOKRUl6uKo44OlQRR6eqlLNpke6x/sqCchA4teahH6mIeG3u06LPjHAmRNrMev5AAC3htlriFdzZmeA69sSDDw+yVoSwmZufPJ7bb5EqXY5hTjB3YhwWKNeNiCOD/gdeYl/2hLG5Bez+nGLzwzFS+9YTh89vxvlEf1pjFyimUcRqSP1KDFh9QlWdQA5CosIwoCh5dzLN/pHQSH5B/nPNQoSoaywj4lYAaGAgoGGeeaADl1KTNRShjuiOnn4+/zM0Ecty2V/siOtLyrr2HvKByndCDxmYLUAper0IiUx1kMg==
  • Delivered-to: eclipse-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/eclipse-dev/>
  • List-help: <mailto:eclipse-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/eclipse-dev>, <mailto:eclipse-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/eclipse-dev>, <mailto:eclipse-dev-request@eclipse.org?subject=unsubscribe>
  • Thread-index: AdfyS1ASj7sKvt9kRiK3kTS70DNfdA==
  • Thread-topic: Eclipse-Dev Jars: Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)

Hi Team,

 

We are using Below jar provided by you. We want to ensure and know if it is impacted by “Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)”. If it’s impacted please let us know about the security recommendation. To know we are looking for following answer

 

Jars:

jmxc

org.eclipse.emf.common_2.4.0.v200902171115 2.4.0

org.eclipse.emf.ecore.xmi_2.4.1.v200902171115 2.4.1

org.eclipse.emf.ecore_2.4.2.v200902171115 2.4.2

org.eclipse.persistence.moxy-2.4.2 2.4.2

org.w3c.css.sac_1.3.0.v200805290154 1.3.0

chartengineapi chartengineapi

com.ibm.icu_3.8.1.v20080530 com.ibm.icu_3.8.1.v20080530

 

 

Are you using log4J?

If you are using log4j 1.x version, are you using JMSAppender class

if you are using log4j 2.x are , what is your security recommendation to fix the issue

 

 

 

Thanks and regards,

 

Amit Kumar

Tech Lead, Software Development Engineering

Financial & Risk Management Solutions

Mobile: +91-9990094588

Upcoming R&R:

Fiserv

Helping Small Businesses Get Back2Business
Fiserv | Join Our Team | Twitter | LinkedIn | Facebook
FORTUNE World's Most Admired Companies®
2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021

© 2021 Fiserv Inc. or its affiliates. Fiserv is a registered trademark of Fiserv Inc. Privacy Notice
© 2021 Fortune Media IP Limited. Used under license. 

 

Back to the top