On this early release episode, Kyle and Dan talk about the log4shell vulnerability and how to mitigate the risk for PeopleSoft.
- log4shell – Vulnerability issue with log4j @ 0:30
- Remediation @ 18:45
- Add “-Dlog4j2.formatMsgNoLookups=true” to your JAVA_OPTS parameter
- Scanner tool
- Dan’s sample script to identify vulnerable libraries
- PeopleTools Patch for Log4Shell @ 29:00
- How does affect PS/Oracle products down the road? @ 40:00