reload4j | reload4j is a drop-in replacement for log4j | Plugin library

 by   qos-ch Java Version: 1.2.25 License: Apache-2.0

X-RayKey FeaturesCode SnippetsCommunity Discussions(1)VulnerabilitiesInstallSupport

kandi X-RAY | reload4j Summary

kandi X-RAY | reload4j Summary

reload4j is a Java library typically used in Plugin applications. reload4j has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has low support. You can download it from GitHub, Maven.

The reload4j project is a fork of Apache log4j version 1.2.17 in order to fix most pressing security issues. It is intended as a drop-in replacement for log4j version 1.2.17. By drop-in, we mean the replacement of log4j.jar with reload4j.jar in your build without needing to make changes to source code, i.e. to your java files. With release 1.2.18.0 and later, the reload4j project offers a clear and easy migration path for the thousands of users who have an urgent need to fix vulnerabilities in log4j 1.2.17.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              reload4j has a low active ecosystem.
              It has 131 star(s) with 19 fork(s). There are 12 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 11 open issues and 36 have been closed. On average issues are closed in 11 days. There are 1 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of reload4j is 1.2.25

            kandi-Quality Quality

              reload4j has no bugs reported.

            kandi-Security Security

              reload4j has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

            kandi-License License

              reload4j is licensed under the Apache-2.0 License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              reload4j releases are not available. You will need to build from source code and install.
              Deployable package is available in Maven.
              Build file is available. You can build the component from source.

            Top functions reviewed by kandi - BETA

            kandi has reviewed reload4j and discovered the below as its top functions. This is intended to give you an instant insight into reload4j implemented functionality, and help decide if they suit your requirements.
            • Parse the configuration element .
            • Format a date .
            • Set the log type
            • Create an abbreviation from a string .
            • Create a pattern converter .
            • Check if there are any existing files in the directory .
            • Calculate factor factors .
            • Format an element .
            • Convert String to Level .
            • Parse appender filters .
            Get all kandi verified functions for this library.

            reload4j Key Features

            No Key Features are available at this moment for reload4j.

            reload4j Examples and Code Snippets

            No Code Snippets are available at this moment for reload4j.

            Community Discussions

            Trending Discussions on reload4j

            Log4j vulnerability - Is Log4j 1.2.17 vulnerable (was unable to find any JNDI code in source)?

            QUESTION

            Log4j vulnerability - Is Log4j 1.2.17 vulnerable (was unable to find any JNDI code in source)?
            Asked 2022-Feb-01 at 15:47

            With regard to the Log4j JNDI remote code execution vulnerability that has been identified CVE-2021-44228 - (also see references) - I wondered if Log4j-v1.2 is also impacted, but the closest I got from source code review is the JMS-Appender.

            The question is, while the posts on the Internet indicate that Log4j 1.2 is also vulnerable, I am not able to find the relevant source code for it.

            Am I missing something that others have identified?

            Log4j 1.2 appears to have a vulnerability in the socket-server class, but my understanding is that it needs to be enabled in the first place for it to be applicable and hence is not a passive threat unlike the JNDI-lookup vulnerability which the one identified appears to be.

            Is my understanding - that Log4j v1.2 - is not vulnerable to the jndi-remote-code execution bug correct?

            References

            This blog post from Cloudflare also indicates the same point as from AKX....that it was introduced from Log4j 2!

            Update #1 - A fork of the (now-retired) apache-log4j-1.2.x with patch fixes for few vulnerabilities identified in the older library is now available (from the original log4j author). The site is https://reload4j.qos.ch/. As of 21-Jan-2022 version 1.2.18.2 has been released. Vulnerabilities addressed to date include those pertaining to JMSAppender, SocketServer and Chainsaw vulnerabilities. Note that I am simply relaying this information. Have not verified the fixes from my end. Please refer the link for additional details.

            ...

            ANSWER

            Answered 2022-Jan-01 at 18:43

            The JNDI feature was added into Log4j 2.0-beta9.

            Log4j 1.x thus does not have the vulnerable code.

            Source https://stackoverflow.com/questions/70310980

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install reload4j

            You can download it from GitHub, Maven.
            You can use reload4j like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the reload4j component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Reuse Trending Solutions

            build-a-realtime-voice-to-image-generator-using-generative-ai
            build-a-realtime-voice-to-image-generator-using-generative-ai
            Build a Realtime Voice-to-Image Generator using Generative AI
            image-resizing-using-opencv-in-python
            image-resizing-using-opencv-in-python
            Image Resizing using OpenCV in Python
            build-your-own-gpt4all-content-generator
            build-your-own-gpt4all-content-generator
            Build your own Custom GPT Content Generator (Open-Source ChatGPT Alternative)
            validate-an-email-address-in-javascript
            validate-an-email-address-in-javascript
            How to Validate an Email Address in JavaScript
            age-calculator-using-javascript
            age-calculator-using-javascript
            Age Calculator using JavaScript
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            Addressing Bias in AI - Toolkit for Fairness, Explainability and Privacy
            javascript-node-js-payment-processing
            javascript-node-js-payment-processing
            15 best JavaScript Node.js Payment libraries
            build-credit-risk-predictor-using-federated-learning
            build-credit-risk-predictor-using-federated-learning
            Build Credit Risk predictor using Federated Learning
            top-10-javascript-tours-and-guides-libraries-in-2023
            top-10-javascript-tours-and-guides-libraries-in-2023
            10 Best JavaScript Tours and Guides Libraries in 2023
            disease-predictor
            disease-predictor
            Disease Predictor using Pandas & Scikit
            python-face-recognition
            python-face-recognition
            28 best Python Face Recognition libraries

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            Install
            Maven
            Gradle
            CLONE
          • HTTPS

            https://github.com/qos-ch/reload4j.git

          • CLI

            gh repo clone qos-ch/reload4j

          • sshUrl

            git@github.com:qos-ch/reload4j.git

            • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Open Weaver – Develop Applications Faster with Open Source

            kandi

            Community and Support

            Company

            Follow

            • © 2023 Open Weaver Inc.