[prev in list] [next in list] [prev in thread] [next in thread]
List: jmeter-user
Subject: Re: Jmeter release with CVE-2021-44228 mitigation
From: Philippe Mouawad <p.mouawad () ubik-ingenierie ! com>
Date: 2021-12-14 15:32:49
Message-ID: CAH9fUpYBWT-2+EnKhZR18NmXEozmMuk5YRUa7p3YoQtk3mUsrQ () mail ! gmail ! com
[Download RAW message or body]
Hello,
You can read this blog which details how to proceed:
-
https://www.ubik-ingenierie.com/blog/jmeter-and-the-log4j2-vulnerability/
Regards
Philippe M.
On Tue, Dec 14, 2021 at 4:00 PM Smruti Ranjan Roul
<sranjanroul@firstam.com.invalid> wrote:
> I have just raised this recently. But from one of the forum, I came to
> know that you can download the log4j jar files and replace on the JMeter
> package. The latest 2.16 version is readily available.
>
> https://logging.apache.org/log4j/2.x/download.html
>
> Thanks,
> Smruti
>
>
> -----Original Message-----
> From: Valeriy Zabawski <dziki7jam@gmail.com>
> Sent: Tuesday, December 14, 2021 8:04 PM
> To: user@jmeter.apache.org
> Subject: Jmeter release with CVE-2021-44228 mitigation
>
> Hello everyone. I've noticed a commit in Jmeter GitHub repo that mitigates
> a recently discovered vulnerability in log4j library used by Jmeter.
> As far as I can see, this fix was only added to the code and new builds
> with the updated library were made. Does anyone know when the new version
> with log4j 2.15 library will be released? Also, I would like to know if
> Jmeter 2 and 3 will receive such fixes.
> Link to commit with fix:
>
> https://urldefense.com/v3/__https://github.com/apache/jmeter/commit/403842148e82c24e \
> 560c365efd8b7290076b0ba5__;!!L1aKtqoz4WY!JdHOFM5ACmAheHSIA4e7asv2KEub2AmAgQuSm_pS11IdipbeLWfba4K8YTpmVX1xrg$
>
> Thanks in advance.
>
>
> ******************************************************************************************
> This message may contain confidential or proprietary information intended
> only for the use of the addressee(s) named above or may contain information
> that is legally privileged.
> If you are not the intended addressee, or the person responsible for
> delivering it to the intended addressee, you are hereby notified that
> reading, disseminating, distributing or copying this message is strictly
> prohibited.
> If you have received this message by mistake, please immediately notify us
> by replying to the message and delete the original message and any copies
> immediately thereafter.
>
> If you received this email as a commercial message and would like to opt
> out of future commercial messages, please let us know and we will remove
> you from our distribution list.
>
> Thank you.
>
> ******************************************************************************************
> FAFLD
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> For additional commands, e-mail: user-help@jmeter.apache.org
>
--
Cordialement
Philippe M.
Ubik-Ingenierie
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic