stellaritysoftware / TFS Repository Plugin / issues / #86 - Update on CVE-2021-44228 — Bitbucket

Issue #86 resolved

Sharda GUPTA created an issue 2021-12-15

Hi team,

‌

Please confirm if the latest security advisory released by Atlassian (CVE-2021-44228) have any impact on the below plugins on Bamboo (server) installation:

‌

Apologies if this is not the right place for this information but had no way to reach you and was unable to search in any of the wikis.

Regards,

Sharda

Comments (4)

Sergey Podobry
- changed status to open
- 2021-12-15T17:48:29+00:00
Sergey Podobry
Hi Sharda!

It’s a good place to ask questions.

All our addons use Bamboo's log4j facility and don't make any changes to it, add JMS Appender or include javax.jms API in the CLASSPATH.

So you're safe unless someone has write access to the Bamboo's log4j.properties file.

Also read FAQ for CVE-2021-44228 from Atlassian for additional information.
- 2021-12-15T17:55:38+00:00
Sergey Podobry
- changed status to resolved
- 2021-12-15T18:52:45+00:00
Sharda GUPTA Account Deactivated reporter
Hey Sergey,

Thank you for the update. Your quick response is highly appreciated!

Have a nice day..

Regards,

Sharda
- 2021-12-15T22:49:51+00:00
Log in to comment

Assignee: –

Type: task

Priority: major

Status: resolved

Version: 1.1.23

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!