Asherslab

Disclaimer

All information below is accurate to the best of our knowledge, however due to this being an ongoing issue please remain on the safe side of things and be cautious.

Our recommendation is to not connect to ANY servers or RUN any servers until mojang has made an official announcement regarding this issue

RCE Summary

LunaSec Article

TL;DR The RCE in question relates to the logging library Log4J, any message logged can access JNDI,

Asherslab

[06:56:14.285] [Server thread/ERROR] [ne.mi.ev.EventBus/EVENTBUS]: Exception caught during firing event: null
        Index: 1
        Listeners:
                0: NORMAL
                1: ASM: class com.minecolonies.coremod.event.EventHandler onWorldLoad(Lnet/minecraftforge/event/world/WorldEvent$Load;)V
java.lang.NullPointerException
        at com.minecolonies.api.crafting.ItemStorage.lambda$new$1(ItemStorage.java:72)
        at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
        at java.util.Collections$2.tryAdvance(Collections.java:4719)
        at java.util.Collections$2.forEachRemaining(Collections.java:4727)

Asherslab

ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:36] [Server thread/INFO] [minecraft/MinecraftServer]: Preparing spawn area: 13%
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecraft/MinecraftServer]: Preparing spawn area: 89%
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecraft/DedicatedServer]: Done (5.067s)! For help, type "help" or "?"
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecolonies]: Finished discovering saplings
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecolonies]: Finished discovering Ores
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecolonies]: Finished discovering oreBlocks
ldtteam-testserver-3777_minecraft-server.1.lvrz74pwr8x9@Orion    | [13:00:37] [Server thread/INFO] [minecolonies

Asherslab

#! /usr/local/bin/python3

import argparse
import json
import sys
import threading
import requests

parser = argparse.ArgumentParser()
subparsers = parser.add_subparsers(help="help for subcommand")

Asherslab

repo=""
state="all"
type="all"
numerical=false

username=''
githubKey=''

print_usage() {
	echo "Usage: "

Asherslab

#!/bin/sh

## Start Values ##

#Whether to prune volumes as well
prunevolumes=true

#Whether to prune networks as well
prunenetworks=true

Asherslab

java.util.concurrent.ExecutionException: java.lang.NullPointerException
at java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[?:1.8.0_201]
at java.util.concurrent.FutureTask.get(FutureTask.java:192) ~[?:1.8.0_201]
at net.minecraft.util.Util.func_181617_a(SourceFile:47) [h.class:?]
at net.minecraft.server.MinecraftServer.func_71190_q(MinecraftServer.java:723) [MinecraftServer.class:?]
at net.minecraft.server.dedicated.DedicatedServer.func_71190_q(DedicatedServer.java:397) [nz.class:?]
at net.minecraft.server.MinecraftServer.func_71217_p(MinecraftServer.java:668) [MinecraftServer.class:?]
at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:526) [MinecraftServer.class:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: java.lang.NullPointerException

Asherslab

#!/bin/sh
stacks=$(docker stack ls | grep -o -P 'chatchain-pr-.{1}' | cut -c14-) 
stackprefix=chatchain-pr-
databasesuffix=_mongo-databases
networksuffix=_internal
matchuntilblankspace='\S*'

githubpullprefix=https://github.com/ldtteam/chatchain/pull/

delete_stack() {

Asherslab

version: '3.1'

services:
  api:
    image: asherslab/chatchain-api:prs-${Branch}
    depends_on:
      - mongodb
      - identitydb
      - identityserverdb
    networks:

Asherslab

version: '3.1'

services:
  api:
    image: docker.minecolonies.com/chatchainserver:latest
    ports:
      - 8082:80
    depends_on:
      - mongodb
      - identitydb