ROR and log4j RCE vulnerability

2 views

Skip to first unread message

Liz Krznarich

unread,

Dec 15, 2021, 2:17:44 PM12/15/21

to ROR Tech Support

Hi all,

No doubt many of you are grappling with the log4j2 RCE vulnerability that was discovered last week. Here at ROR, we don't use log4j directly, however, we do use Apache ElasticSearch via AWS' Opensearch service, which means that we indirectly use log4j. Exposure here is extremely limited, and AWS is in the process of applying the latest log4j update to all Opensearch instances. I'm happy to report that ROR instances were updated as of this morning.

Cheers,

Liz

---

Liz Krznarich, DataCite | ROR Adoption Manager
l...@ror.org | https://ror.org | @ResearchOrgs

Reply all

Reply to author

Forward

0 new messages