January 12, 2022 Doug Bidwell
The Log4j and Log4Shell saga continues here in the second edition of the IBM i PTF Guide in 2022, which is a fast follower to the one we published just two days ago. IBM has issued a new Security Bulletin, explaining that IBM i components are affected by CVE-2021-4104 (Log4j version 1.X), and the full details about the security exposure and mitigation techniques can be found at this link.
Here are the affected products and their versions:
- IBM Navigator for i (heritage version only): IBM i 7.4, 7.3, and 7.2 – the heritage version
- Integrated Web Services Server (IWS):