1. Describe your incident:
Because of the log4j Problem could you release older verisons of graylog with the fixed log4j patched?
log4j is a big problem and to be foreced to update is a nighmare on its own. i know getting support for older veriosns is not possible but could you help to reduce the work all ops/dev/IT personal has to tackle it by releasing minor veriosn updates of the affected graylog packages.
1 Like
Hi Geosone
I’m sure you saw on the blog post that listed the versions of Graylogs that have been released with the fix. These are:
3.3.14-2
4.0.13-2
4.1.8-2
4.2.2-2
To be honest, the key tennant of keeping modern software secure is to keep it as up to date as possible. If you are using a Graylog version older than 3.3.14-2, you are seriously out of date and likely have a number of security vulnerabilities that have since been patched out. I realise its not what you want to hear, but you should look to upgrade Graylog - preferably to 4.2.2.
If you are worried about the upgrade process, perhaps if you outline your concerns we can help with that?
1 Like
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.