How to upgrade Log4j2.x library shipped with TIBCO BusinessEvents Enterprise Edition 6.2.1
Article ID: KB0072596
Updated On:
| Products | Versions |
|---|---|
| TIBCO BusinessEvents Enterprise Edition | 6.2.1 |
Description
There were couple of TIBCO BE releases to address Apache Log4J vulnerability (CVE-2021-44228). The BE 6.2.1 was our first release to address the Apache Log4J vulnerability (CVE-2021-44228)
and this came with Apache Log4j library version 2.17.0 which was the latest available library at the time of the release. Our next 6.x release was BE 6.1.2 and Log4j library was upgraded to the latest available 2.17.1.
This article provides steps to update the Log4j library that comes with BE 6.2.1 to Log4j 2.17.1.
Environment
All Supported Platforms
TIBCO BusinessEvents 6.2.1
Resolution
To upgrade the Log4j library that comes with BE 6.2.1 to 2.17.1 please follow steps below:
- Please follow link below to download the Log4j 2.17.1 jar file from Apache downloads section and replace the existing Log4j2.17.0 jar under BE_HOME/lib/ext/tpcl/apache with Log4j 2.17.1 jar.
https://logging.apache.org/log4j/2.x/download.html
- You can also get the Log4j 2.17.1 jar from BE 6.1.2 installation and copy that into BE 6.2.1 BE_HOME/lib/ext/tpcl/apache folder.
- Please follow link below to download the Log4j 2.17.1 jar file from Apache downloads section and replace the existing Log4j2.17.0 jar under BE_HOME/lib/ext/tpcl/apache with Log4j 2.17.1 jar.
https://logging.apache.org/log4j/2.x/download.html
- You can also get the Log4j 2.17.1 jar from BE 6.1.2 installation and copy that into BE 6.2.1 BE_HOME/lib/ext/tpcl/apache folder.
Issue/Introduction
How to upgrade Log4j2.x library shipped with TIBCO BusinessEvents Enterprise Edition 6.2.1
Feedback
Yes
No
Powered by
