[Info-vax] Java, log4j, log4shell, and OpenVMS: CVE-2021-44228
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Tue Dec 14 15:15:50 EST 2021
On 2021-12-14, Arne Vajhøj <arne at vajhoej.dk> wrote:
> On 12/14/2021 11:39 AM, Stephen Hoffman wrote:
>> HPE has indicated that 3PAR and some other products are vulnerable to
>> this mess,
>
> Which is a pretty good indication of how big the problem is.
>
> 3PAR is not exactly what one assocoate with a Java server.
>
> Some security guy was out in the medias today and say that they expect
> it to take 2 years before everyone has patched.
>
Based on previous major events, that would not surprise me.
Perhaps now we might actually move away from needing to use 5 zillion
layers to be able to write a modern version of a Hello World application...
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list