Subj : Re: Apache Log4j vulnerability
To   : bugz_ubuntu
From : MeaTLoTioN
Date : Wed Dec 15 2021 09:01:47

Reposting this as it feels relevant.


On 15 Sep 2020, bugz_ubuntu said the following...
 
 bu> Apache Log4j vulnerability
 bu> 
 bu>    A security issue affects these releases of Ubuntu and its
 bu>    derivatives:
 bu> 
 bu>      * Ubuntu 18.04 LTS
 bu> 
 bu>   Summary
 bu> 
 bu>    Apache Log4j could be made to remotely execute arbitrary code if
 bu>    it received specially crafted log data.
 bu> 
 bu>   Software Description
 bu> 
 bu>      * apache-log4j1.2 - Java-based open-source logging tool
 bu> 
 bu>   Details
 bu> 
 bu>    It was discovered that Apache Log4j does not properly deserialize
 bu>    untrusted data. An attacker could possibly use this issue to
 bu>    remotely execute arbitrary code. (CVE-2019-17571)
 bu> 
 bu> Update instructions
 bu> 
 bu>    The problem can be corrected by updating your system to the
 bu>    following package versions:
 bu> 
 bu>    Ubuntu 18.04 LTS
 bu>            liblog4j1.2-java - 1.2.17-8+deb10u1build0.18.04.1
 bu> 
 bu>    To update your system, please follow these instructions:
 bu>    https://wiki.ubuntu.com/Security/Upgrades.
 bu> 
 bu>    In general, a standard system update will make all the necessary
 bu>    changes.
 bu> 
 bu> References
 bu> 
 bu>      * CVE-2019-17571
 bu> 
 bu> --- Mystic BBS v1.12 A45 (Linux/64)
 bu>  * Origin: BZ&BZ BBS (21:4/110)

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿
|07ÄÄ |08[|09fsx|08]  |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ
|07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08]  |1510:104/2 |07ÄÙ

.... A .GIF is worth a thousand .TXT.

--- Mystic BBS v1.12 A47 2021/12/13 (Linux/64)
 * Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (21:1/158)

.