OffHeap 69. Ok, so the internet burned down with Log4J.

Hopefully you have had some time to R&R, but if you were in tech around Dec 2020, you heard that there was this massive security incident around Log4j. It affected almost everyone, from large to small companies, and if you work in Java, chances are that you might’ve to work on it too (and if you haven’t, it’s a good idea to double-check your code)

It has a severity of “10”, which is rare, and what makes it hard to ignore. If you want to understand what it was about, and how it got there, then take a listen. Learn how to patch against it, as we travel and dive into the mechanics and the missed opportunities that happened.

http://www.javaoffheap.com/datadog
We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

News
MicroProfile 5.0:
https://microprofile.io/

Eclipse IDE Release
https://www.eclipse.org/downloads/packages/release/2021-12/r

NetBeans 12.6 Release
https://netbeans.apache.org/download/nb126/index.html

Spring Native 0.11 Release
https://docs.spring.io/spring-native/docs/current/reference/htmlsingle/

Discussion

Log4j2
https://www.lunasec.io/docs/blog/log4j-zero-day/

It made CNN:
https://www.cnn.com/2021/12/13/politics/us-warning-software-vulnerability/index.html

Leave a Reply

Your email address will not be published. Required fields are marked *