BSI Warning for Log4j Vulnerability

2021 December 11, German Federal Office for Information Security (BSI) has published an urgent warning regarding the “log4j 2” Java programming library [1]. See [2] for English information on this vulnerability.

DAASI International is not generally using this software library, with few exceptions. The following DAASI International products and solutions are therefore not affected:

  • OpenLDAP
  • Shibboleth IdP (incl ShibCAS and OIDC plugin), SP und EDS [3]
  • didmos1 (LUI, ETL Flow, Provisioner, PwSync, Background Processes)
  • midPoint [4]

Some of our products, however, do contain the vulnerable library “log4j 2”. We will approach those customers a.s.a.p. with concrete steps how to remedy their system.

[1]: (in German)[2]: and


WordPress Cookie Plugin by Real Cookie Banner