Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
is Talend BD 6.4.1 affected at all by the log4j vulnerability problem?
The Talend installation and workspace directories only contain older versions log4j-1.2.15.jar and log4j-1.2.16.jar.
The log4j problem affects only log4j versions higher than 2.0.
So am I correct that Talend BD 6.4.1 is not affected?
Hello,
we are waiting for a patch fixing this issue (TOS version 8.0.1). The last update of the article https://www.talend.com/security/incident-response/ was three weeks ago. The only information regarding a patch for TOS is "Remediation for Talend Open Source is not in scope". Are there any information when a patch for TOS approximately is beeing released?
I'm afraid a patch for TOS will not be released. It will be fixed in the next version. There are certain mitigation steps you can follow in the article you linked to.
@Richard Hall Thank you for your fast reply. Is it foreseeable when the next Version of TOS is beeing released?
Hi @Marc Veitinger,,
I am not currently aware of the schedule for the next release, but I have put a couple of questions out to our R&D team. When I get a response, I will update.
I should point out that they may not have this set in stone as yet since we have only just released v8. If that is the case, it may take a while before I can confirm a period.
Regards
Richard