Download
| Alert*
|
oval:org.secpod.oval:def:1601530
The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to.In order to mimic the Linux capabilities of the target process, Amazon Linux 1 customers need t ... oval:org.secpod.oval:def:1601503 log4j-cve-2021-44228-hotpatch is installed oval:org.secpod.oval:def:1601556 Versions of the Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3-5 are affected by a race condition that could lead to a local privilege escalation.The Apache Log4j Hotpatch is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046, it ... |
