Innovate faster and cut risk with PHP experts from Zend Services.
Learn PHP from PHP experts with free, on-demand, and instructor led courses.
Submit support requests and browse self-service resources.
Please refer to the official status page for Log4j vulnerability concerning all Perforce products, including Zend Server and ZendPHP.
Zend Server and ZendPHP are not compiled against, or directly consuming the Log4j library, which is why we can indicate that there is no direct risk for our products installed on your servers.
There are two specific software components, Zend JavaBridge and PHP-OCI8, extending Zend/PHP functionality, you might be using now on your servers. We recommend that:
For any questions regarding the above, and any other concerns you still have, please feel free to contact us.
Java-based applications are using Log4j as their logging utility and are vulnerable to this CVE.
For our IBM i customers, if you are using the Zend Server JavaBridge, then please make sure you have the latest PTF installed for the Java LP packages.
IBM Remedy, Upgrade to the latest version of Log4j (2.15.0 or later), available from the Apache website.