mirror of
https://github.com/itzg/docker-minecraft-server
synced 2024-12-13 13:52:27 +00:00
fix: log4j patch being applied to <1.7 versions (#1183)
As described in https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition, versions below 1.7 are not affected by the log4j exploit. They should therefore not use any mitigations. See #1179 discussion after merge. Reported-and-tested-by: Daniel Porter "Stealthii" <dan.porter@rehabstudio.com>
This commit is contained in:
parent
3bb21d8581
commit
e66b2eda60
1 changed files with 4 additions and 1 deletions
|
@ -96,7 +96,10 @@ patchLog4jConfig() {
|
|||
}
|
||||
|
||||
# Patch Log4j remote code execution vulnerability
|
||||
if isFamily VANILLA && versionLessThan 1.12; then
|
||||
# See https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition
|
||||
if versionLessThan 1.7; then
|
||||
: # No patch required here.
|
||||
elif isFamily VANILLA && versionLessThan 1.12; then
|
||||
patchLog4jConfig log4j2_17-111.xml https://launcher.mojang.com/v1/objects/dd2b723346a8dcd48e7f4d245f6bf09e98db9696/log4j2_17-111.xml
|
||||
elif isFamily VANILLA && versionLessThan 1.17; then
|
||||
patchLog4jConfig log4j2_112-116.xml https://launcher.mojang.com/v1/objects/02937d122c86ce73319ef9975b58896fc1b491d1/log4j2_112-116.xml
|
||||
|
|
Loading…
Reference in a new issue