Is JBoss patch 7.4.20 available with any of the AEM Forms JEE sp installers? | Community
Skip to main content
G
GPhillips58
Level 3
February 3, 2025
Question

Is JBoss patch 7.4.20 available with any of the AEM Forms JEE sp installers?

  • February 3, 2025
  • 2 replies
  • 843 views

We are running jboss-eap-7.4.10 which has a log4j vulnerability. Does Adobe provide JBoss patches with the JEE installers?  JBoss from Adobe is not covered under our Red Hat Enterprise Linux license so we cannot get the patch from Red Hat.

2 replies

Shiv_Prakash_Patel
Community Advisor
Shiv_Prakash_PatelCommunity Advisor
Community Advisor
February 3, 2025

HI @gphillips58 ,

Boss EAP 7.4.10 primarily utilizes the JBoss Logging framework, which does not inherently include the vulnerable components of Log4j. Therefore, the core JBoss EAP is not directly affected by the Log4j vulnerabilities.

However, if your applications deployed on JBoss EAP incorporate Log4j, especially versions prior to 2.17.1, they may be susceptible to known vulnerabilities. In such cases, it's crucial to update Log4j to the latest secure version within your applications.

Regards,

Shiv Prakash
    G
    GPhillips58Author
    Level 3
    February 21, 2025

    We are running AEM Forms 6.5.21 on JBoss. Are you saying that AEM does not use log4j?

    kautuk_sahni
    Community Manager
    kautuk_sahniCommunity Manager
    Community Manager
    February 18, 2025

    @gphillips58 Did you find the suggestion helpful? Please let us know if you need more information. If a response worked, kindly mark it as correct for posterity; alternatively, if you found a solution yourself, we’d appreciate it if you could share it with the community. Thank you!

    Kautuk Sahni
    Terms & ConditionsAccessibility statement

    Loading footer...