+6Hello,
I have detected Log4j vulnerability on our 200 machines.
I have an issue upgrading the jar file.
I can delete /Users/*/Library/Aternity/Agent/lib/log4j-core-2.13.3.jar
However I do not know how to replace/override it with log4j-core-2.17.1.jar.
How to replace jar file in jamf ?
Jamf Cloud Hosted v10.35.0
+17You will likely want to see how Aternity plans to remediate this. Here is their response to the log4j vulnerabilities:
https://aternity.force.com/customersuccess/s/article/Apache-Log4j-Zero-Day-Exploit
In that link, there is a section that talks about the agent, but it appears to be behind a login wall. If you use eternity, I would imagine you may have a login to get to that page. Otherwise, Id recommend reaching out to their support as the issue would best be resolved by them issuing an updated agent for you to deploy or a patch you can apply.
+7If you can delete it by:
rm -f /Users/*/Library/Aternity/Agent/lib/log4j-core-2.13.3.jar
Then you can deploy the new jar-File (with a PKG) to a temp directory [/private/tmp/log4j-core-2.17.1.jar] and use a postinstall script to move it (back) to all user's home folders:
#!/bin/zsh
# Create a file with a list of all users
dscl /Local/Default -list /Users uid | awk '$2 >= 500 { print $1; }' > /private/tmp/users.txt
# Use the list of users to copy your file to the appropriate location
for a in `cat /private/tmp/users.txt` ; do cp -pf /private/tmp/log4j-core-2.17.1.jar /Users/$a/Library/Aternity/Agent/lib/; done
for a in `cat /private/tmp/users.txt` ; do chmod -R 777 /Users/$a/Library/Aternity/Agent/lib/; done
# Delete all temporary files
rm -f /private/tmp/users.txt
rm -f /private/tmp/log4j-core-2.17.1.jar
exit 0
(AFAIR: With SPSS 28.0.1.0 I had to replace 3 JAR files in 3 different directories.)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.