Apache Log4J vulnerability
16. Dez 2021

Update: Release of interim patch by Oracle for temporary workaround of Log4j vulnerability

 

An interim patch has been released by Oracle. This patch should work for all affected P6 EPPM versions as of 19.12. and can be used on PPM installations if required.

The statement from Oracle about the release of the interim patch can be found here.

This issue has been resolved within the following interim patch:

Please refer to the README documentation for steps to apply the interim patch.
The single patch is applicable to all affected releases. The patch can also be applied to the P6 PPM (Integration API) component).

**15Dec21 UPDATE**

This patch was remediated on 15Dec21 to address both CVE-2021-44228 and CVE-2021-45046.

ACTION ITEMS:
• If you downloaded/applied the patch prior to 15Dec21, you will have to re-download and apply the new patch.
• If you applied a previously documented JVM parameter workaround, you will have to download and apply the patch to mitigate.

Update: Tools, interfaces and environments of proadvise GmbH

proimporter: We are working hard to implement the interim patch for the proimporter on-premise together with the P6 version 19.12 to 20.12.
excelP6ConfigTool: We are working at full speed to implement the interim patch for excelP6ConfigTool.
SaaS environment: the measures published by Oracle to fix the problem will be implemented on the pa SaaS environment in a timely manner. An update after successful implementation will be provided under News & Blog.
P6 customer interfaces and add-ons: customers with API and web service interfaces please contact our support for individual analysis.

In case of need or open questions, please feel free to contact us.

Note: For an overview of possible affected vendors, click here:

proadvise GmbH
Brühlweg 4
73663 Berglen

Newsletter

Melden Sie sich hier an zu unserem Newsletter und sichern Sie sich Ihren Wissensvorsprung!

Jetzt anmelden

Copyright © 2020 proadvise.com - Alle Rechte vorbehalten.
Design und Programmierung webart-IT UG (haftungsbeschränkt)