Skip to content

Spark Datasource HadoopCryptoLedger V1.3.1
Compare
Choose a tag to compare
@jornfranke jornfranke released this 11 Dec 23:43
· 7 commits to main since this release
s-hcl-ds-1.3.1
ee0a08d
  • Based on HadoopCryptoLedger V1.3.1
  • Addressed #21
  • Various dependency and build tool updates
  • Various updates to examples

Note: Independent of updating the dependencies - as a defense in the depth - we recommend additionally to upgrade to the latest JDK8 (at least > 191, better the latest) or JDK11/JDK17 and to set the Java System properties (e.g. via -D) "log4j2.formatMsgNoLookups" to "true" and set "com.sun.jndi.rmi.object.trustURLCodebase" and "com.sun.jndi.cosnaming.object.trustURLCodebase" to "false".
You may want to set the environment variable JAVA_TOOL_OPTIONS in any case as follows

export JAVA_TOOL_OPTIONS="-Dlog4j2.formatMsgNoLookups=true -Dcom.sun.jndi.rmi.object.trustURLCodebase=false -Dcom.sun.jndi.cosnaming.object.trustURLCodebase=false"

Additionally set the environment LOG4J_FORMAT_MSG_NO_LOOKUPS to true

export LOG4J_FORMAT_MSG_NO_LOOKUPS=true

especially in all your container images and redeploy the container images to all environments where they are running

ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true

Finally, replace in all your log4j configuration files %m or %msg with %m{nolookups} to protect your applications also in the future.

Assets 18
Loading