你们加班更新 2.17 了吗?
This topic created in 1617 days ago, the information mentioned may be changed or developed.
 |
1
chendy Dec 19, 2021
log4j 1.x 内网系统无所畏惧
|
 |
2
pocketz Dec 19, 2021
不说前因后果吗。。。
[CVE-2021-45105]( https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105) [Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability]( https://www.zdnet.com/article/apache-releases-new-2-17-0-patch-for-log4j-to-solve-denial-of-service-vulnerability/) |
 |
3
keepRun Dec 19, 2021
这还不如换成 logback
|
 |
4
C02TobNClov1Dz56 Dec 20, 2021
@keepRun 不是据说 log4j2 性能高么, 看来高性能的东西漏洞就是多, 就像牙膏厂的幽灵熔断漏洞都比按摩店的多.
|
|
5
keepRun Dec 21, 2021
@chengyiqun logback 的性能更高
|
|
6
C02TobNClov1Dz56 Dec 21, 2021
@keepRun 这就是 springboot 默认集成 logback 的原因么
|
Select Language