Info

Java Off-Heap

The Java Off-Heap Podcast brings together the latest tech news for the java professional. We go over the current issues and discuss them in depth, bringing the knowledge of a top circle of professionals from Chicago. Come take a listen and figure out what's going on in the Java world!
RSS Feed
Java Off-Heap
2024
August
July
April
February


2023
November
August
June
April
February
January


2022
October
July
June
May
April
February
January


2021
November
October
September
August
April
March
February


2020
December
November
October
June
May
March
January


2019
October
August
June
April
March
February
January


2018
December
November
October
September
July
June
May
March
February


2017
December
November
October
September
August
July
May
April
March
February
January


2016
November
October
September
August
July
May
April
February
January


2015
November
October
September
August
July
June
May
April


All Episodes
Archives
Now displaying: January, 2022
Jan 3, 2022

Hopefully you have had some time to R&R, but if you were in tech around Dec 2020, you heard that there was this massive security incident around Log4j. It affected almost everyone, from large to small companies, and if you work in Java, chances are that you might've to work on it too (and if you haven't, it's a good idea to double-check your code)

It has a severity of "10", which is rare, and what makes it hard to ignore. If you want to understand what it was about, and how it got there, then take a listen. Learn how to patch against it, as we travel and dive into the mechanics and the missed opportunities that happened.


http://www.javaoffheap.com/datadog
We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap


*News*
MicroProfile 5.0:
https://microprofile.io/

Eclipse IDE Release
https://www.eclipse.org/downloads/packages/release/2021-12/r

NetBeans 12.6 Release
https://netbeans.apache.org/download/nb126/index.html

Spring Native 0.11 Release
https://docs.spring.io/spring-native/docs/current/reference/htmlsingle/

*Discussion*

Log4j2
https://www.lunasec.io/docs/blog/log4j-zero-day/

It made CNN:
https://www.cnn.com/2021/12/13/politics/us-warning-software-vulnerability/index.html

 

 

1