Thank you very much for your reply.
We want to remove the java class JMSAppender from the jar file. But it would be much better, if you do so by providing a new (sub)release, or else we would have to remove it in each new release in our organizational context. We are pretty sure, that many users would feel better, if you do so.
Would you be so kind as to give us a positive answer to our request?
Is Cmap Tools affected by the Log4J security vulnerabilities?
Forum rules
Before you post a problem or bug, please be sure you have included the version number of IHMC CmapTools, the operating system and version, the amount of RAM, and any other information that allows us to be able to replicate the problem you are having. (i.e. what were you doing when the problem occur? were you running another program (application) by the time you have the problem?)
Before you post a problem or bug, please be sure you have included the version number of IHMC CmapTools, the operating system and version, the amount of RAM, and any other information that allows us to be able to replicate the problem you are having. (i.e. what were you doing when the problem occur? were you running another program (application) by the time you have the problem?)
-
- Posts: 3
- Joined: Tue Dec 14, 2021 9:20 am
-
- Posts: 3
- Joined: Tue Dec 14, 2021 9:20 am
Re: Is Cmap Tools affected by the Log4J security vulnerabilities?
IHMC CmapTools: 6.04 – Windows – as a pure client application
Preferences:
Autosave: Save Cmaps Every 1 minute(s)
Cloud Account: Cloud Account is not used.
Places & Servers: Internet Host Name = *.ihmc.us Port 8080 or 80 + WebServerPort = 443
Directories of Places: Internet Host Name = dop.ihmc.us: activated = true / Port = 80 / Web Server Port = 8001
Discussion Threads = Keep my user ID anonymous = false
Proxy Configuration = do not use proxy server = true
---
Thank you very much for your reply.
We want to remove the java class JMSAppender from the jar file. But it would be much better, if you do so by providing a new (sub)release, or else we would have to remove it in each new release in our organizational context. We are pretty sure, that many users would feel better, if you do so. Would you be so kind as to give us a positive answer to our request?
Preferences:
Autosave: Save Cmaps Every 1 minute(s)
Cloud Account: Cloud Account is not used.
Places & Servers: Internet Host Name = *.ihmc.us Port 8080 or 80 + WebServerPort = 443
Directories of Places: Internet Host Name = dop.ihmc.us: activated = true / Port = 80 / Web Server Port = 8001
Discussion Threads = Keep my user ID anonymous = false
Proxy Configuration = do not use proxy server = true
---
Thank you very much for your reply.
We want to remove the java class JMSAppender from the jar file. But it would be much better, if you do so by providing a new (sub)release, or else we would have to remove it in each new release in our organizational context. We are pretty sure, that many users would feel better, if you do so. Would you be so kind as to give us a positive answer to our request?
-
- Site Admin
- Posts: 799
- Joined: Sat Dec 13, 2008 2:22 pm
Re: Is Cmap Tools affected by the Log4J security vulnerabilities?
We are working on preparing a new release with an updated log4j. We'll let you know as soon as its ready.
-
- Site Admin
- Posts: 799
- Joined: Sat Dec 13, 2008 2:22 pm
Re: Is Cmap Tools affected by the Log4J security vulnerabilities?
We'll look into removing the JMSAppender class in this new release.