Welcome to jdrgaming.com Thursday, March 28 2024 @ 10:40 PM PDT

Log4j vulnerability mitigated on JDRGaming Minecraft server

There's a nasty vulnerability in the Log4j library used in thousands of Java applications, including Minecraft.

The JDRGaming Minecraft server is actually running Spigot, which is basically Minecraft plus some improvements. It's running Spigot version 1.17.1, which contains the Log4j vulnerability.

Minecraft 1.18.1 includes a fix for this vulnerability. If you haven't already, you should update your Minecraft client to 1.18.1. Run the launcher and it should install the new version automatically.

However, you won't be able to play on the JDRGaming server with a Minecraft 1.18.1 client. To do that, you'll have to create a special install of the Minecraft 1.17.1 client. The Minecraft launcher allows you to install multiple parallel client installations.

You can safely join the JDRGaming Minecraft server with your Minecraft 1.17.1 client, even though the server is currently running the vulnerable Spigot 1.17.1, because the server is now being run with a special option that mitigates (i.e. negates) the vulnerability.

The JDRGaming Minecraft server will be upgraded to Spigot 1.18.1 soon after it becomes available.