Post Go back to editing

Apache Log4j Vulnerability

Hi,

I saw the vulnerability in the Apache Log4j Java logging library described in [CVE-2021-44228](nvd.nist.gov/.../CVE-2021-44228)

Are Analog Devices evaluation boards like ad9081 and other evaluation boards come with software have been evaluated for Apache Log4J? 

Is there any software update that is needed for this vulnerability of Apache Log4j?

Thank you, 

Babak

Parents
  • Hi,

    Log4j is a Java-based logging utility. It is part of the Apache Logging Services, a project of the Apache Software Foundation.

    There is also log4c and log4js (which is not susceptible to the exploit).

     

    We don't install apache in our Kuiper Linux distribution (although end users could), and Log4j is also not installed.

    I can't speak for the entire company, but JAVA is typically not used in our evaluation software, since it's typically written in C#.

    -Michael 

Reply
  • Hi,

    Log4j is a Java-based logging utility. It is part of the Apache Logging Services, a project of the Apache Software Foundation.

    There is also log4c and log4js (which is not susceptible to the exploit).

     

    We don't install apache in our Kuiper Linux distribution (although end users could), and Log4j is also not installed.

    I can't speak for the entire company, but JAVA is typically not used in our evaluation software, since it's typically written in C#.

    -Michael 

Children