Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,293,346
Community Members
 
Community Events
165
Community Groups

/atlassian/.hold/syslog-ng needs to be removed

Hi, 

I'm running Confluence server and our IT department just let me know that /atlassian/.hold/syslog-ng needs to be removed because it contains log4j. We only have a production server so I can't test how removing that will affect the server.. 

Is there a fix for that vulnerability? How should I resolve this issue?

Thanks!

Tony

2 answers

0 votes

syslog-ng isn't part of Confluence.

Talk to your IT department to better understand what is actually vulnerable and the options you may have

0 votes

If you remove it, your Confluence will stop working properly.

You should look at the vulnerability, check if you are actually affected by it, look at the amelioration options, and probably go with the most simple ones of firewalling, trusting your admins, or upgrading Confluence.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
Community showcase
Published in Confluence

Confluence: Where work and wellness meet

Feeling overwhelmed by the demands of work and life? With a 25% increase in the prevalence of anxiety and depression worldwide during the pandemic, for most of us, it’s a resounding yes . 🙋‍♀️ ...

733 views 5 21
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you