Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.

Update: There is a 3rd vulnerability reported in log4j - CVE-2021-45105

Mango is not affected by this particular vulnerability as

Mango does not use a context lookup in any of the patterns in the supplied log4j2.xml file Our codebase does not make use of the org.apache.logging.log4j.ThreadContext class

For more information, please see https://logging.apache.org/log4j/2.x/security.html

Mango will update to Log4J version 2.17.0 with our next release, however we do not believe this new CVE warrants an immediate patch.

Thanks for the note! It's been a top priority today, and we are happy to have a resolution for everyone as of an hour ago. This vulnerability is going to be a pretty big deal for lots of software out in the wild, and we are super pleased we were able to get a fix out, and roll both 3.7 and 4.2 updates pretty much in hours for everyone.

Please see the info here: https://forum.mango-os.com/topic/5404/apache-cve-2021-44228-log4j-remote-code-execution-vulnerability-resolution

Have a wonderful weekend!
MIke.

Never mind. I found a Mango box slip which had all the info on it. Thanks

@tped See this section:

Configuration file is now named mango.properties

On this link:
https://docs-v4.mango-os.com/upgrade-to-v4

Do you see problems with snapshots, because of the SQL or NOSQL databases?

KR,
Sasa

@himanshu

It is the exact same concept.:
<ma-state-params on-change="designer.parameters.dn = $stateParams.dn" update-params="designer.updateParams"></ma-state-params>
this component takes the URL parameters and puts them into a object called designer.updateParams. That object can be used anywhere now in the pages scope.

If you are going to do an upgrade, copy the entire mango directory, bzip it if you have to so then you have a working backup on the mango unit itself. You can do this over ssh assuming you have remote shell access.

Alternatively, stick with Firefox as its only google chrome that is pulling this jazz.

To be honest though, I would stay with 3.5 as there are still a number of issues on 3.7 that haven't been fixed as the dev team are swamped with mango 4Beta.

Just use a different web browser.

Fox

Changing the tag will not cause loss of data. Neither will changing the XID from within mango. Something else must have happened.

@mattfox
Ok thanks for that information. Will do that.

best regards
Ramhuzaini