- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
Found this site: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes/blob/main/md5sum.txt
There's also a version numbers with checksums.
So basically what I did was:
to find log4j-core
find /opt/sas/config/ -name log4j-core* -print
to get md5sum and compare with the ones You get from link above
for i in `find /opt/sas/config/ -name log4j-core* -print`; do md5sum "$i"; done
We also have 9.4M6 and I got versions log4j-core-2.11.1 (71d3394226547d81d1bf6373a5b0e53a) and log4j-core-2.1 (8d331544b2e7b20ad166debca2550d73).
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
As SAS provides updated guidance and news about the log4j vulnerability, we're updating the official security bulletin. To be notified when these updates occur, subscribe to this topic: Updates on log4j Remote Code Execution Vulnerability (CVE-2021-44228). SAS Technical Support will add changelog info with each update, and subscribers will receive a notification as these are published. There's also an RSS feed you can follow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
Does anyone know on the depot?
I see the loguccino instruction say don't run on the depot, so do you just leave that alone completely, or remove the files manually from there?
- Tags:
- Oes an
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
The advice from SAS is to re-run loguccino on your system every time you do anything that involves the depot, because it is conceivable that you reintroduced a previously fixed log4j issue.
Register today and join us virtually on June 16!
sasglobalforum.com | #SASGF
View now: on-demand content for SAS users
- « Previous
-
- 1
- 2
- Next »