Mirror von
https://github.com/PaperMC/Velocity.git
synchronisiert 2024-12-24 15:20:35 +01:00
Exclude org/apache/logging/log4j/core/lookup/JndiLookup.class entirely
It's the one sure-fire way to prevent further exploits using JNDI through Log4j.
Dieser Commit ist enthalten in:
Ursprung
002452e755
Commit
fd842c4364
@ -153,6 +153,9 @@ shadowJar {
|
||||
// Exclude Checker Framework annotations
|
||||
exclude 'org/checkerframework/checker/**'
|
||||
|
||||
// Exclude a Log4j class well-known for its use in recent security exploits.
|
||||
exclude 'org/apache/logging/log4j/core/lookup/JndiLookup.class'
|
||||
|
||||
relocate 'org.bstats', 'com.velocitypowered.proxy.bstats'
|
||||
}
|
||||
|
||||
|
Laden…
In neuem Issue referenzieren
Einen Benutzer sperren