|
91
on: September 11, 2024, 01:24:56 pm
|
| Started by Martha R. - Last post by Martha R. |
|
Hi Christine,
I apologize but I'm trying to understand the vulnerability. I understand our customer is in an old version but I want to know if we don't use Java to write reports, are these vulnerabilities an issue ? Or Can I say to the customer you don't need to worry since we don't use java to write the reports.
Thanks,
Martha
|
|
92
on: September 10, 2024, 05:21:00 pm
|
| Started by Martha R. - Last post by Martha R. |
|
Hi Christine,
Thank you so much for replying to my posts.
We use the Genero Report Writer but we don't create reports with Java. If we don't use java, so we don't need to worry about the log4j-1.2.13.jar vulnerabilities. Or even if we don't write reports with Java, genero report writer uses it internally.
Thanks,
Martha
|
|
94
on: September 10, 2024, 02:01:47 pm
|
| Started by Martha R. - Last post by Martha R. |
|
Hi Christine,
Thanks a lot for replying to my post.
Our customer is running a Genero Runtime version 3.10. Our new version of our software runs in the Genero version 4.01 which has the newer jar versions.
I'm just wondering if you can provide me with any information regarding vulnerability CVE-2022-23307 - Chainsaw. Do you guys use it? Or Can I tell the customer that vulnerability is nothing they need to worry about it.
Thanks,
Martha
|
|
95
on: September 10, 2024, 10:25:32 am
|
| Started by Martha R. - Last post by Christine R. |
|
Hello Martha,
FourJs has upgraded log4j to version 2.17.1 since the versions 3.10.17, 3.20.18, 4.00.05 and 5.00.00 of GRE.
Maybe your customers is using an older version.
Best regards,
Christine HEIM-REBIERE
FourJs Customer Care
|
|
96
on: September 10, 2024, 01:46:21 am
|
| Started by Martha R. - Last post by Reuben B. |
|
What versions of our products are you looking at?
Reuben
|
|
97
on: September 09, 2024, 09:16:05 pm
|
| Started by Martha R. - Last post by Martha R. |
|
Good Afternoon,
We've been contacted by a client concerned about the log4j-1.2.13.jar vulnerabilities:
For CVE-2021-44228: In a previous post, you mentioned this jar is outside the version range that contains the vulnerability.
For CVE-2022-23305 (Deserialization of Untrusted Data in JMSAppender) : In the same post, you mentioned that you don't use JMSAppender
But what about CVE-2022-23307 - Chainsaw ?
Also, the customer is asking why gre is using a jar file that has been end-of-life for quite some time now.
Thanks,
Martha
|
|
99
on: September 06, 2024, 05:27:23 pm
|
| Started by Christine R. - Last post by Christine R. |
 |
Genero Enterprise 5.00 Maintenance Release :
GBC 5.00.07
|
Four Js is pleased to announce a Maintenance Release of Genero Browser Client 5.00.07. What's new for GBC...- There is a minor change in the StartMenuWidget feature with the introduction of the $gbc-StartMenuWidget-doubleclick-trigger variable.
- One new StartMenu variable is available
You can refer to https://4js.com/online_documentation/fjs-gbc-manual-html/#gbc-topics/gbc_whatsnew_50007.html for more information. This version also includes the following bug fixes: https://4js.com/support/issue/GBC/5.00.07. It is now downloadable from the website: https://4js.com/download/products/. All Four Js Genero customers under maintenance have free access to the new release. Best regards, Four Js Development Tools |
|
100
on: August 30, 2024, 03:21:36 pm
|
| Started by Benjamin G. - Last post by Roland W. |
I usually use the following code with every BEFORE ROW or ON ACTION statement inside of a DISPLAY/INPUT ARRAY to check whether a row has been selected: BEFORE ROW IF DIALOG.GetCurrentRow("ScreenArrayName") > 0 THEN do something END IF
Kind regards Roland |
|
Sign in for full access
Help