Author Topic: Critical vulnerability in Apache software program  (Read 431 times)

0 Members and 1 Guest are viewing this topic.

Offline ssfc72

  • Member
  • Master
  • *
  • Posts: 1973
Critical vulnerability in Apache software program
« on: December 11, 2021, 06:05:52 am »
https://globalnews.ca/news/8442925/software-vulnerability-internet-log4shell/

The flaw may be the worst computer vulnerability discovered in years. It was uncovered in a utility that’s ubiquitous in cloud servers and enterprise software used across industry and government
Mint 19.1 on a Dell 14" Inspiron notebook, HP Pavilion X360, 11" k120ca notebook (Linux Lubuntu), Dell 13" XPS notebook computer (MX Linux)
Cellphone Samsung A50, PCMobile pay as you go

Offline Jason

  • Administrator
  • Master
  • *****
  • Posts: 4071
  • Humanist. Skeptic. Husband.
Re: Critical vulnerability in Apache software program
« Reply #1 on: December 11, 2021, 07:08:09 am »
And a good morning to you, too!

After totally freaking out, I updated the server. Then I realized the vulnerability is optional software for Apache (web server software) and not Apache itself. And we don't use it. Phew! There were updates for Apache. But that probably involves linking to this utility.

So we're good. :) But there will be a lot of busy sysadmins today! Scary stuff!
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata