Log4j and VMware Tanzu Application Service

December 17, 2021

This video goes into detail on how to perform application and platform mitigation of the Log4j CVEs using VMware Tanzu Application Service. Please note: This content is relevant as of 12/16/21 and could become outdated due to the ever-changing Log4j situation. Here are some additional resources regarding this vulnerability: High-level VMware Security Advisory: https://www.vmware.com/security/advisories/VMSA-2021-0028.html Tanzu Application Service KB: https://community.pivotal.io/s/article/Workaround-instructions-to-address-CVE-2021-44228-in-Tanzu-Application-Service-2-7-through-2-12?language=en_US Operations Manager KB: https://community.pivotal.io/s/article/5004y00001mPn2N1639255611105?language=en_US Buildpack KB: https://community.pivotal.io/s/article/CVE-2021-44228-Apache-Log4j2-JNDI-Remote-Code-Execution?language=en_US Apache Lo4j security link: https://logging.apache.org/log4j/2.x/security.html Example java code: https://stackoverflow.com/questions/70317385/gradle-java-how-to-upgrade-log4j-safely/70321593

Previous
Make Your Move to Multi-Cloud Kubernetes with VMware Tanzu
Make Your Move to Multi-Cloud Kubernetes with VMware Tanzu

To meet Drax Group’s objective of a zero-carbon, lower-cost energy future, the company needed to change its...

Next Video
Tanzu Talk: ☃️? ?❄️ Tanzu Application Platform Holiday Special, or, DevX for kubernetes
Tanzu Talk: ☃️? ?❄️ Tanzu Application Platform Holiday Special, or, DevX for kubernetes

☃️?It’s the Tanzu Talk Holiday Special!?❄️ Coté covers all the recent developments with the Tanzu Applicati...