2021-W50 anDREa Update

2021-W50 anDREa Update

myDRE NOT vulnerable for CVE-2021-4428 - Apache Log4J2

Apache Log4j is a Java-based logging utility. It was found to harbor a vulnerability to attackers. anDREa does not use Apache Log4J2 or forks in production, hence the myDRE platform and workspaces are not vulnerable. Also, our ticketing system and knowledge base (ZoHo Desk) does not use Apache Log4J2.  Moreover, Virtual Machines that do have Apache Log4J2 installed are not vulnerable due to firewall restrictions that block inbound access by default. We'll be looking into workspaces that might have inbound access enabled.

For the complete announcement and full details, please visit: myDRE NOT vulnerable for CVE-2021-4428 - Apache Log4J2.

Issues reported regarding resizing VMs

Recently, some reports have reached us regarding resizing VMs. Requested VM sizes might appear twice in the resize menu or the requested VM size does not appear in the menu. We're actively investigating this issue. The double appearance of VMs in the resize menu most likely is caused by Promo versions of VMs of which the offer has been ended by Microsoft. By making use of a different API to display VM sizes this will most likely be remediated. The second issue requires more investigation. In the meantime, we propose this workaround: I am not able to resize my VM (workaround).

anDREa FAQ

To better understand anDREa's role, we have put together a list with article links. The FAQ can be found here. This list will be updated regularly.

Bug fixes

Recently, we pushed a minor bugfix to production regarding large data transfers between workspaces. In some cases, files larger than 100GB resulted in an empty transfer. This issue has been fixed.


    • Related Articles

    • 2021-W51 anDREa Update

      Last weekly update from anDREa in 2021 The current year has been an exciting year for anDREa. Quite some researchers have been using the platform since the researchenvironment.org days, the DRE on the Radboudumc Azure cloud. In March 2021, mydre.org ...
    • 2021-W33 Update from anDREa

      This should be the first of many where we will update you on released and upcoming features, things that are happening at anDREa, etc. Recently added features/improvements Type Description Bug Daily snapshot missing on some of the new and migrated ...
    • 2021-W34 Update from anDREa

      General Holidays affect the development capacity, but we're moving nicely forward. The good thing is that Microsoft sent us an Azure Sponsorship Offer that will help to move some backend improvements forward. One such thing is multi-region support. ...
    • 2021-W51 anDREa Update

      We have published a new weekly update with the following topics: Last weekly update of anDREa in 2021 *** DRE support out-of-office during holiday period *** Spot Virtual Machines are available *** Bug fix Read more at: 2021-W51 anDREa Update.
    • 2021-W50 anDREa Update

      We have published a new weekly update:  myDRE NOT vulnerable for CVE-2021-4428 - Apache Log4J2 *** Issues reported regarding resizing VMs *** anDREa FAQ ***  Bug fixes Read more at: 2021-W49 anDREa Update.