@njoseph_1 such are the shortcomings of static linking
Dynamic linking is what made #log4shell possible in the first place.
But... what's log4j2?
Follow
Nevermind, I'm too tired.
Didn't realize the 2 was referring to the log4j version.
@njoseph_1 such are the shortcomings of static linking
Dynamic linking is what made #log4shell possible in the first place.
But... what's log4j2?
Nevermind, I'm too tired.
Didn't realize the 2 was referring to the log4j version.
@Shamar @njoseph_1
Yes, but not all vulns are caused by dynamic linking. However all of them are fixed by updating the buggy code. If that requires rebuilding every binary (or a fat jar, or a docker image - all equivalents of a binary on different levels of abstraction), it makes the process slower and more laborious.