Jump to content
The ibi Community has moved to a new platform: Please Sign In and choose Forgot Password to continue

Webfocus 82 - Fix log4j 1.2 vulnerability and support for open JDK


Madhavan TR

Recommended Posts

1) We have noticed the vulnerable log4j being used by Webfocus. Any suggestions to avoid this vulnerability?

Apache Log4j 1.2.17 (ibiWebFOCUS82ReportCasterliblog4j-1.2.17.jar)

2) Can we use Open JDK for running our webserver (Apache Tomcat) or we need to use only Oracle JRE? Will there be any impact on webfocus ? If there is any certification matrix, please let us know. Note: We have web server and webfocus installed in the same machine

Link to comment
Share on other sites

Recent versions of WebFOCUS have fixes for log4j vulnerabilities - depending on your version there will be hotfixes off you need to update to a recent version

details here

https://support.tibco.com/s/article/TIBCO-WebFOCUS-TIBCO-WebFOCUS-Reporting-Server-and-TIBCO-Data-Migrator-8207-27-0-to-8207-28-05-Hotfixes

yes you can use open source versions of java

I‘m using https://adoptium.net/

For supported versions please check the installation manual of the WebFOCUS version you are using - as this depends on your version

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
  • Create New...