Files for the Bioschemas website.
DataTables source repository
A collection of metadata, tools, and files associated with the Gene Ontology public web presence.
Ontology Lookup Service from SPOT at EBI
thank for your reply. First of all that sounds good. But I found this:
Log4j version 1.x is not directly vulnerable, because it does not offer a JNDI look up mechanism. However, Log4j 1.x comes with JMSAppender, which will perform a JNDI lookup if enabled in Log4j's configuration file (i.e., log4j.properties or log4j.xml). Thus, an attacker who can write to an application's Log4j configuration file can perform a remote code execution attack whenever Log4j 1.x reads its malicious configuration file. Source: https://www.technology.pitt.edu/content/additional-guidance-regarding-log4j-vulnerability
Is the JMSAppender disabled in OLS/OxO?
comment created time in a month
Dear OLS team, Dear @henrietteharmse, Dear @udp,
did you think there are any problems in context of the Log4j security issues for OLS? OLS is using an older version of Apache Solr. As far as I know that is a problem because Solr uses Log4j. That sounds for me it could be critical to use OLS.
So is there a way to upgrade or disable this functionality to get rid of the risk of this issue?
I'm looking forward,
created time in a month