cloudera-scripts-for-log4j
cloudera-scripts-for-log4j copied to clipboard
cloudera
Scripts for addressing log4j zero day security issue
Issue is in cloudera-scripts-for-log4j/hdp_support_scripts/delete_jndi.sh file, where we are not passing backupdir while patching tar.gz file. Actual code snippet with the issue: ` for tarfile in $(find -L $targetdir -name "*.tar.gz"...
The code here is not working (cm_cdp_cdh_log4j_jndi_removal.sh line 139) ``` local backupdir=${2:-/opt/cloudera/log4shell-backup} mkdir -p "$backupdir/$(dirname $tarfile)" targetbackup="$backupdir/$tarfile.backup" if [ ! -f "$targetbackup" ]; then echo "Backing up to '$targetbackup'" cp...
I need you help because after apply patches only 2 files from Cloudera Manager can´t updated, so is necessary restores both files (from backup"/opt/cloudera/log4shell-backup") because cloudera manager dont start again...
Does this script mitigate the following CVE? - [CVE-2021-45105](https://nvd.nist.gov/vuln/detail/CVE-2021-45105) - [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046) Those CVE were found after the `CVE-2021-44228` was fixed. The Cloudera script removes the `.class` which is vulnerable and...
https://github.com/cloudera/cloudera-scripts-for-log4j/blob/main/cm_cdp_cdh_log4j_jndi_removal.sh#L63 it's missing the -name parameter after -o line should read for tarfile in $(find -L $targetdir -name "*.tar.gz" -o -name "*.tgz"); do I fixed it locally and the find...
For more infos see #2 , my original PR that got auto-closed due to earlier force pushes on the main branch (not nice) Since my original PR, not much changed,...
Some temporary directories are created but not cleaned up, causing the `/tmp` directories to be saturated after a while. Eg. https://github.com/cloudera/cloudera-scripts-for-log4j/blob/f207d1540af89523ba105e9525db4af392a1a778/cm_cdp_cdh_log4j_jndi_removal.sh#L264 **but the issue exists elsewhere**. This also exists with...
Fixes #36 Issue: If a war file contains the same file twice the script will hang when it asks for a response from the user. This becomes an issue especially...
