Menu
I am stuck with legacy code that uses log4j 1.2.12, and am trying to resolve some errors it is throwing about appenders. I cannot find documentation for log4j 1.2 - I keep getting redirected to log4j 2. Nice, but not helpful. The main documentation for 1.2 doesn't have any sample xml. If anybody can point me to good documentation on this I would really appreciate it.
378
Details of CVE-2021-4104JMSAppender, in log4j 1.2 version, is vulnerable to deserialization of untrusted data if the attacker has the 'write' permissions to the log4j configuration.
The original documentation was available at http://wiki.apache.org/logging-log4j/Log4jXmlFormat
The wiki is in maintenance at the moment, so I cannot verify that the link is still valid. You will find the document at archive.org: http://web.archive.org/web/20121024061840/http://wiki.apache.org/logging-log4j/Log4jXmlFormat
144
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
