May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.
Weekly office hours
Bring your questions to our weekly virtual office hours, every Wednesday. Everyone is welcome.
Recent topics
Posted 2 days 20 hours ago by Martin Price | System Horizons Ltd (yorkshirepudding) in How-To and Troubleshooting
Posted 4 days 23 hours ago by (swampopus) in How-To and Troubleshooting
Posted 6 days 4 hours ago by RS Snyder (theflightrs) in How-To and Troubleshooting
Posted 6 days 16 hours ago by (adamg) in How-To and Troubleshooting
Posted 6 days 17 hours ago by RS Snyder (theflightrs) in How-To and Troubleshooting
Recent comments
Thanks Alejandro. That was the clues I needed.
Ubercart - Programmatically add product to cart and straight to Checkout
Have you tried uc_cart_add_item()? You need to provide the nid of the product. Then you can use backdrop_goto('cart/checkout'); to send the user to the checkout screen. uc_cart_add_item...
Ubercart - Programmatically add product to cart and straight to Checkout
No problem, let's see how it evolves. I'd be happy to provide a suggested version if i could. I will keep that in mind and try learn this hook chain hopefully very soon. I will...
File hashing uploads made through TinyMCE
I could request hashing support, but that's the lazy way 🤣 I would appreciate it if you as an active maintainer would 'officially' add a hashing support...
File hashing uploads made through TinyMCE
Hi, i understand the updating obstacle - not worth mentioning - hence it is a wacky (but working) patch until i know what to do. :-) One of my biggest wishes is to understand the hook...
Comments
Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.
Note: I don't speak officially for Backdrop, but I'm pretty confident about this.
I'm glad to hear this. Thanks for your affirmation.