May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.
Backdrop LIVE
April 3-4, 2025
An interactive online event for anyone interested in Backdrop CMS. Everyone is welcome.
Recent topics
Posted 1 day 14 hours ago by (rt-9988) in How-To and Troubleshooting
Posted 2 days 19 min ago by (dd123) in How-To and Troubleshooting
Posted 4 days 15 hours ago by (Coffee70) in How-To and Troubleshooting
Posted 5 days 4 hours ago by (willowf) in How-To and Troubleshooting
Posted 1 week 14 hours ago by (john@delinuxco.com) in Initiatives
Recent comments
Thank you for all your help. In the meantime I just edited the export db-file and removed the top line with the sandbox comment. --> Still the same issue. I exported also with the...
Problem with utf8mb4 Format when importing database
Another possibility: The RRSB module has a forward option. If you don't want all the social-media sharing links, you can uncheck them all, then enable RRSB on the node types of your choice.
Forward/email this page ?
One person said: I use bee in mamp - but not sure what i can offer. I did a basic setup and it just works...
Problem with utf8mb4 Format when importing database
It is possible to remove that line manually from the SQL file and it should then import to MySQL fine.
Problem with utf8mb4 Format when importing database
I think people have used bee in MAMP. I've posted in our chat channel to see if anyone can jump in here and help: #Backdrop > Bee @ 💬
Comments
Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.
Note: I don't speak officially for Backdrop, but I'm pretty confident about this.
I'm glad to hear this. Thanks for your affirmation.