[RELEASE] Geneos 5.11.3, fix for Apache Log4j2 vulnerability

system · 21 December 2021 14:13

Released: 21 December 2021

This release delivers the updated binaries in the ITRS Downloads page for:

Active Console
Web Dashboard
Terracotta Messaging integration
VMware Monitor integration

Important

The Geneos 5.11.3 release includes updates to the following Geneos components and integrations to address the Apache Log4j vulnerabilities (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105):

Active Console 5.11.3
Web Dashboard 5.11.3
Terracotta Messaging integration 2.0.235
VMware integration 1.4.20

We recommend upgrading to the latest version Geneos 5.11.3 or newer. We can also confirm that no other Geneos components are affected by this vulnerability.

If you are unable to upgrade, please see the mitigation and workaround information in Vulnerability in Apache Log4j.

Highlights

These are the highlights of this release:

The Apache Log4j library in the Active Console, Web Dashboard, Terracotta Messaging integration, and VMware Monitor integration, has been upgraded to 2.17.0 to fix the security vulnerability in Apache Log4j (CVE-2021-45105). We recommend upgrading to the latest version Geneos 5.11.3 or newer.

To know more about the impact of this issue to the ITRS products and components, see Vulnerability in Apache Log4j.

Topic		Replies	Views
[RELEASE] Geneos 5.11.2, fix for Apache Log4j2 vulnerability Announcements geneos	0	220	17 December 2021
[RELEASE] Geneos 5.11.1, fix for Apache Log4j2 vulnerability Announcements geneos	0	194	14 December 2021
[RELEASE] Geneos 5.12.0 Announcements geneos	0	185	26 January 2022
Vulnerability in Apache Log4j (CVE-2021-44228) Announcements	0	177	14 December 2021
About the Geneos category Geneos geneos	1	147	8 November 2021

[RELEASE] Geneos 5.11.3, fix for Apache Log4j2 vulnerability

Important

Highlights

Related Topics