On This Page
Mitigating Apache Log4j (Log4Shell) Vulnerabilities
Overview
This topic describes the mitigation available for the recently identified log4j vulnerabilities, currently including the following:
Fixes for these vulnerabilities are included in upgrades to this and subsequent releases of TOS Aurora.
TOS Aurora R21-3
CVE | Manual Mitigation Without Requiring Upgrade |
Scheduled Hotfix |
---|---|---|
|
Not available |
Resolved in TOS Aurora R21-3 PGA.1.0 |
|
Not available |
Resolved in TOS Aurora R21-3 PGA.1.0 |
|
Not available |
Resolved in TOS Aurora R21-3 PGA.1.0 |
|
Not available |
Resolved in TOS Aurora R21-3 PHF1.0.0 |
TOS Aurora R21-2
CVE | Manual Mitigation Without Requiring Upgrade |
Scheduled Hotfix |
---|---|---|
|
Not available |
Resolved in TOS Aurora R21-2 PHF1.1.0 |
|
Not available |
Resolved in TOS Aurora R21-2 PHF1.1.0 |
|
Not available |
Resolved in TOS Aurora R21-2 PHF2.0.0 |
|
Not available |
Not planned. Upgrade to a more recent version of TOS that includes this fix |
TOS Aurora R21-1 or earlier
Upgrade to a supported TOS Aurora release that includes the CVE fix.