On this early release episode, Kyle and Dan talk about the log4shell vulnerability and how to mitigate the risk for PeopleSoft.

Show Notes

• log4shell – Vulnerability issue with log4j @ 0:30
  • Affected Products – Oracle
  • Affected Products – non-Oracle
  • Overview of the Vulnerability
  • Vulnerability Tester
• Remediation @ 18:45
  • Add “-Dlog4j2.formatMsgNoLookups=true” to your JAVA_OPTS parameter
  • Scanner tool
  • Dan’s sample script to identify vulnerable libraries
• PeopleTools Patch for Log4Shell @ 29:00
  • psadmin.io Community Notes on log4j patching
• How does affect PS/Oracle products down the road? @ 40:00