You are not logged in. Please login or register.
iRedMail → iRedMail Support → Log4j (CVE-2021-44228)
Not sure how to check this, so asking: Is iredmail affected by this?
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.no, it does not use java
Does this hold true for ALL versions of iRedMail or just the latest? Specifically I am running:
iRedMail 0.9.8
iRedAdmin-Pro 2.9.0 (PostgreSQL)
iredmail never used java, and i guess will never do so aswell
There is a log4j implementation for perl. It is not affected by that advisory. It's just the java implementtions of log4j 2.4x (as I understand it).
Some java/jvm/jre implementations (e.g. Lucee) use log4j. But Lucee for example uses log4j 1.2x, which is not affected.
If you are running java, search your .jar files for log4j
e.g.
]# find / -name *.jar | grep log4j
/opt/lucee/tomcat/lucee-server/bundles/log4j-1.2.17.jar
/opt/lucee/tomcat/lucee-server/bundles/log4j-1.2.16.jar
iredmail never used java, and i guess will never do so aswell
lucee is not related to iredmail, and Log::Log4perl is NOT log4j, that's a huge difference
the question was only related to iredmail, not to any other software some ppl implemented on their servers
iRedMail doesn't install any Java programs by default, so it's crystal clear that ALL iRedMail releases are NOT AFFECTED by this log4j thing. BUT if you installed some Java program after iRedMail installation, then you should check with the program vendor to figure out whether the Java program is affected.
iRedMail → iRedMail Support → Log4j (CVE-2021-44228)
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 2 official extensions. Copyright © 2003–2010 PunBB.
Generated in 0.009 seconds (65% PHP - 35% DB) with 10 queries