Thanks Jaime for the update. To be clear, there are some settings for log4j related to HDFS, but default installation of HTCondor doesn’t involve that correct?
HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> on behalf of Jaime Frey <jfrey@xxxxxxxxxxx>
Date: Tuesday, December 14, 2021 at 11:17 AM
To: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>
Subject: [EXTERNAL] Re: [HTCondor-users] HTCondor and log4j status?
This email has been received from outside of DOI - Use caution before clicking on links, opening attachments, or responding.
There is a little bit of java code in HTCondor that assists in running user applications written in java (i.e. the java universe), but none of it uses log4j. To our knowledge, the HTCondor Software Suite is
not affected by the CVE-2021-44228 log4j vulnerability.
That was my impression too Steve. Just after a statement from the developers.
htcondor is not written in Java, why would there be any log4j dependencies? Checked all my condor installations and don't see log4j as part of it. Of course there should be an official note from the developers.
Just wondering if or when the HTCondor Team might be able to release information about HTCondor and the
CVE-2021-44228 log4j vulnerability.
e.g. not used so no problem, or used but old version not impacted, or used and this is the mitigation/upgrade.
We, and I assume every other IT dept. are being pushed hard for info from vendors about this.
HTCondor-users mailing list
To unsubscribe, send a message to
htcondor-users-request@xxxxxxxxxxx with a
You can also unsubscribe by visiting
The archives can be found at: