Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ZOOKEEPER-3677 owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer #1209

Closed
wants to merge 1 commit into from
Closed

ZOOKEEPER-3677 owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer #1209

wants to merge 1 commit into from

Conversation

eolivelli
Copy link
Contributor

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

@eolivelli
ZOOKEEPER-3677 owasp checker failing for - CVE-2019-17571 Apache Log4…
5610132 
…j 1.2 deserialization of untrusted data in SocketServer
phunt
phunt approved these changes Jan 9, 2020
View reviewed changes
Copy link
Contributor

@phunt phunt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 - lgtm.

@asfgit asfgit closed this in 3bd6b19 Jan 18, 2020
asfgit pushed a commit that referenced this pull request Jan 18, 2020
@eolivelli @phunt
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
b4d9e57 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes #1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
(cherry picked from commit 3bd6b19)
Signed-off-by: Patrick Hunt <phunt@apache.org>
asfgit pushed a commit that referenced this pull request Jan 18, 2020
@eolivelli @phunt
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
df1dc82 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes #1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
(cherry picked from commit 3bd6b19)
Signed-off-by: Patrick Hunt <phunt@apache.org>
junyoungKimGit pushed a commit to junyoungKimGit/zookeeper that referenced this pull request Feb 7, 2020
@eolivelli @junyoungKimGit
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
9472e40 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes apache#1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
stickyhipp pushed a commit to stickyhipp/zookeeper that referenced this pull request Aug 19, 2020
@eolivelli @stickyhipp
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
94cf4b1 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes apache#1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
RokLenarcic pushed a commit to RokLenarcic/zookeeper that referenced this pull request Aug 31, 2022
@eolivelli @RokLenarcic
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
77105de 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes apache#1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
RokLenarcic pushed a commit to RokLenarcic/zookeeper that referenced this pull request Sep 3, 2022
@eolivelli @RokLenarcic
ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log…
78d1836 
…4j 1.2 deserialization of untrusted data in SocketServer

Suppress error for CVE-2019-17571 as it does not affect us.
We are not running the log4j server.

Author: Enrico Olivelli <eolivelli@apache.org>

Reviewers: phunt@apache.org

Closes apache#1209 from eolivelli/fix/ZOOKEEPER-3677-owasp-log4j

Change-Id: I0ef24a7b142cd32ccf4f5c18f9e0c0132a413d6c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phunt phunt phunt approved these changes

@anmolnar anmolnar Awaiting requested review from anmolnar

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@eolivelli @phunt