The DecemTableau Product release, has integrated the Log4j 2.16 release, which disables JNDI Lookup by default. We have mitigated these outstanding components with configuration changes that disable the vulnerable JNDI lookup functionality. There may be diagnostic or auxiliary components still remaining. The DecemTableau Product releases updated the Log4j2 files to version 2.15. Alternatively, redeploying the services will also clean up the directories and deploy the updated files (see Configure Node Online Help Guide). For example, after making topology changes to change process counts or moving processes to another Tableau Server node. Versions of log4j- core-2.15 or earlier are safe to delete. These files are never accessed as part of Tableau Server operation and are safe to remove if desired. IMPORTANT NOTE: After updating to the Decemproduct releases, or newer, there may be cases where legacy files from previously configured processes are present on the file system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |