Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

BrightSign will continue to monitor further security developments and employ new mitigations when appropriate.

Java Apache Log4j

BrightSignNetwork.com, BSN.Cloud, BSNEE, and BrightAuthor:connected do not use log4j and are not impacted by the related vulnerability.

BrightSign OS does not contain Java. We do package the Java runtime as an extension: any customers who use the Java extension should audit their application to confirm if they use log4j, and if so, use a patched version that is not susceptible to CVE-2021-44228.

BrightSign Network

All BSN servers are hosted using Amazon Web Services (AWS). Amazon has patched all instances on their EC2 service to protect from the Meltdown and Spectre vulnerabilities.

...