Nacos是否受到log4j2零日漏洞的影响 #7407
Labels
Comments
li-xiao-shuang
added
the
kind/question
|
Dear,非常感谢。发自我的华为手机-------- 原始邮件 --------发件人: 李晓双 Li Xiao Shuang ***@***.***>日期: 2021年12月13日周一 12:20收件人: alibaba/nacos ***@***.***>抄送: iigx ***@***.***>, Author ***@***.***>主 题: Re: [alibaba/nacos] Nacos是否受到log4j2零日漏洞的影响 (Issue #7407)
可以看下 nacos-group/nacos-docker#226
—You are receiving this because you authored the thread.Reply to this email directly, view it on GitHub, or unsubscribe.Triage notifications on the go with GitHub Mobile for iOS or Android.
|
|
However the docker image have log4j jars, I have one request to remove them # jar -tvf nacos-server.jar |grep -i log
....
23702 Mon Dec 16 22:00:18 CST 2019 BOOT-INF/lib/log4j-over-slf4j-1.7.30.jar
17522 Tue Feb 05 18:14:20 CST 2019 BOOT-INF/lib/log4j-to-slf4j-2.11.2.jar
292301 Sun May 10 12:07:56 CST 2020 BOOT-INF/lib/log4j-api-2.13.3.jar |
|
Thanks for your feedback and contribution. But the issue/pull request has not had recent activity more than 180 days. This issue/pull request will be closed if no further activity occurs 7 days later. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
咨询一下大家,NACOS的最新版本2.0.3是否受到本次log4j2远程代码执行漏洞的影响?
The text was updated successfully, but these errors were encountered: