May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.
Weekly office hours
Bring your questions to our weekly virtual office hours, every Wednesday. Everyone is welcome.
Recent topics
Posted 2 days 12 hours ago by (Peter.B.Eriksen) in How-To and Troubleshooting
Posted 2 days 13 hours ago by (Peter.B.Eriksen) in How-To and Troubleshooting
Posted 4 days 5 hours ago by (Peter.B.Eriksen) in How-To and Troubleshooting
Posted 1 week 8 hours ago by (izmeez) in How-To and Troubleshooting
Posted 1 week 1 day ago by Sudipto Kumar Mitra (sudipto68) in How-To and Troubleshooting
Recent comments
PayPal Checkout works too!
Commerce shop system from Drupal
nice find! the links for the most recently updated issues in the core and contrib queues are a great way to stay on top of things—especially now that the feature freeze is just around the corner...
Seeing what issues are new
A simple way — use Field Group to create a container for fields https://backdropcms.org/project/field_group and CSS Flex оr Grid to alignment. You can also create Fieldsets to...
Layout also for /node/add/ forms?
Yes. The are several ways to do this: Install Mail System and select "Testing" for delivery in admin/config/system/mailsystem Install Maillog / Mail developer...
Prevent Backdrop from sending emails
The short answer is no, you can't theme forms or change their layouts through the UI. There is a ported version of Display Suite, which has a submodule called Display Suite Forms that allows you...
Comments
Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.
Note: I don't speak officially for Backdrop, but I'm pretty confident about this.
I'm glad to hear this. Thanks for your affirmation.