Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

log4j vulnerability?

elvisimprsntr

Member
Joined
Jun 2, 2019
Messages
244
Any comment from iXsystems? Or are we intentionally maintaining OPSEC?

 
Last edited:

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
3,606
Running find / -name log4j* -print on my 12.0-U7 system results in no hits. I don't think it's part of a vanilla install. However, that notice says ElasticSearch relies on log4j, so anyone who has installed ES in a jail will need to take precautions. Just off the top of my head, Graylog relies on ES, as does the SpotLight search for SMB shares.
 

Patrick M. Hausen

Wizened Sage
Joined
Nov 25, 2013
Messages
4,013
TrueNAS does not use any Java components. What would you want to check if the vulnarable software clearly isn't there?
 
Top