diff options
author | Zhaofeng Li <hello@zhaofeng.li> | 2021-12-17 15:55:13 -0800 |
---|---|---|
committer | Zhaofeng Li <hello@zhaofeng.li> | 2021-12-17 15:55:13 -0800 |
commit | a4bcad541efd2b1df441c70cf81f05c578c9f018 (patch) | |
tree | db27abda9ba77c53dcd9e4458caa21709d4e8f00 /nixos | |
parent | 7cb82ec6149236f3655bd0fb269c41b55e4892fc (diff) | |
download | nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar.gz nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar.bz2 nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar.lz nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar.xz nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.tar.zst nixpkgs-a4bcad541efd2b1df441c70cf81f05c578c9f018.zip |
unifi5: Follow new mitigation guidelines
Simply disabling lookups isn't enough, and the JndiLookup class must be removed: https://web.archive.org/web/20211217085954/https://logging.apache.org/log4j/2.x/security.html
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/networking/unifi.nix | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix index e1908cf44d1..a683c537f05 100644 --- a/nixos/modules/services/networking/unifi.nix +++ b/nixos/modules/services/networking/unifi.nix @@ -7,7 +7,6 @@ let @${cfg.jrePackage}/bin/java java \ ${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \ ${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \ - ${optionalString (lib.versionOlder cfg.unifiPackage.version "6.5.54") "-Dlog4j2.formatMsgNoLookups=true"} \ -jar ${stateDir}/lib/ace.jar ''; in |