Postgres Pro
Downloads
Home   >   mailing lists

RE: PostgreSQL - CVE-2021-44228 - dependency on Log4j ? - Mailing list pgsql-admin

From
Subject RE: PostgreSQL - CVE-2021-44228 - dependency on Log4j ?
Date
Msg-id 016601d7f02b$0a2cff20$1e86fd60$@co.uk
Whole thread Raw
In response to PostgreSQL - CVE-2021-44228 - dependency on Log4j ?  ("Joao COSTA" <jcosta@pictet.com>)
List pgsql-admin
Tree view

Posting this response even though it is not directly related to pgsql-admin.

There is a nice write-up on the Sophos Naked Security blog about the Log4j issue: https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/?fbclid=IwAR07rHlcNqC74hktC9X_8DZF5QgiQwzuaVlnO3WXKrn3vznd_9BuFlZuoYY

This includes information about checking if your server is affected and how to update to the patched version of log4j-core and log4j-api

 

The original question asked if PostreSQL is dependent but my understanding is that we should be asking “Is anything on my server using Log4j”.

Hope this helps.

Dave

 

From: Joao COSTA [mailto:jcosta@pictet.com]
Sent: 13 December 2021 10:20
To: pgsql-admin@lists.postgresql.org
Subject: PostgreSQL - CVE-2021-44228 - dependency on Log4j ?

 

Hi Community,

 

Is PostgreSQL instance dependent of this Log4J Library ?

I was looking on postgresql website  but I did not find anything

 

Many Thanks,

Joao

Banque Pictet & Cie SA

Route des Acacias 60
1211 Geneva 73 - Switzerland

Tel. +41 58 323 2323

Fax. +41 58 323 2324

group.pictet

 

 

 

This message is not intended for persons who are citizens of, domiciled or resident in, or entities registered in a country or jurisdiction in which its distribution, publication, provision or use would violate current laws and regulations. The content of this message is confidential and may be read and/or used only by the recipient of this message. For information about personal data protection, please refer to the Pictet Group’s Privacy Notice available at www.group.pictet/privacynotice. If you have received this e-mail message in error, please destroy it and delete it from your computer. The Pictet Group may not be held liable for the use, transmission or treatment of the content of this message. The recipient of this message remains solely liable for any form of reproduction, copying, disclosure, modification and/or publication of the content. No liability whatsoever will be incurred by the Pictet Group. The recipient of this message agrees to comply with the applicable laws and regulations in the jurisdictions where they use the information contained herein.

 

Attachment

pgsql-admin by date:

Previous
From: MichaelDBA
Date:
Subject: Re: [EXTERNAL] Re: Limits user connection in pgbouncer
Next
From: Daulat
Date:
Subject: Re: [EXTERNAL] Re: Limits user connection in pgbouncer