solved Log4J vulnerability

The term "Log4J" does not appear in a search of Jamroom, so I am hoping that this is not an issue for JR sites...unless it is a server-side issue that might affect JR sites (and everything else) on vulnerable servers.

Any public or private advice on this matter would be welcome.




--
PJ Matthews, Kyoto
Migrated from Ning 2.0. Now at Jamroom 6 beta and using Jamroom Hosting for The Research Cooperative (researchcooperative.org)
updated by @researchcooperative: 03/15/22 09:06:45AM

??

Can't understand the instructions. Where are you seeing Log4J and why does it make you nervous?

Thanks,

I am not seeing the term "Log4J", when I search the JR site, so I am hopeful that there is no problem for our JR site servers.

But that does not mean there is no problem. The "Log4J Vulnerability" is something much talked about since last week.

Just now I checked a Wordpress forum and found the following statement which I think answers my question:

"WordPress, plugins and themes are using PHP as server side language. log4j is a component for Java servlets. Its another programming language and it is not used in WordPress ecosystem (except maybe some very exotic integration plugins that work together with PHP and Java, but its very unlikely case)"

Since JR is based on PHP, I presume we have nothing to worry about here. I will mark this thread as solved.


--
PJ Matthews, Kyoto
Migrated from Ning 2.0. Now at Jamroom 6 beta and using Jamroom Hosting for The Research Cooperative (researchcooperative.org)
updated by @researchcooperative: 12/14/21 09:06:10PM

Yep. If its a java issue you're safe.