Administrative | Ricoh Developer Program (RiDP)

What is the impact of the log4j v1 exploit captured in CVE-2021-4104 on RiDP offerings?

Re: NVD - CVE-2021-4104 (nist.gov)

For information about this and other potential security vulnerabilities related to Ricoh products and services vist our Alerts and Security Vulnerabilities Announcements.

RXOP

This vulnerablility has been identified in log4j version 1.x,

Read more about What is the impact of the log4j v1 exploit captured in CVE-2021-4104 on RiDP offerings?

What is the impact of the Log4j2 exploit captured as CVE-2021-44228 on RiDP offerings?

References:

RiDP is taking this matter seriously, and is currently reviewing all our offerings to determine the impact and scope of this exploit. Updates to this emerging situation will be captured here.

Read more about What is the impact of the Log4j2 exploit captured as CVE-2021-44228 on RiDP offerings?

What is the VMware submission process?

VMware Submission Process

The process of sending VMware images for testing will be discontinued in favor of a new process. To perform the compatibility test of solutions in RiDP Test environment, Ricoh will require developers to upload, install, configure and test the application server software onto a Windows based system remotely. In order for Ricoh to have on-site access to 3rd party back-end servers, developers will configure a server on a VMware image running at Ricoh.

Instructions for implementation of the VMware Submission Process:

Read more about What is the VMware submission process?

What if I can’t setup a virtual machine remotely on PTEC’s server?

In situations when you can’t setup your Virtual machine remotely, you’ll have to revert to the old format of sending USB sticks.

Two separate images need to be sent. One for PTEC (New Jersey) and another for RiDP (California). Below are the addresses for each location.
VMware Shipping Addresses:

1. Mail 1st set of USB Memory Stick(s) to:
Ricoh Americas Corporation
Attn: Vasantha Yerneni
5 Dedrick Place
West Caldwell, NJ 07006

Read more about What if I can’t setup a virtual machine remotely on PTEC’s server?

How to correctly submit a Maintenance Signature Request?

In general, maintenance signatures are given for those applications that were tested in the last year and a half. Maintenance signatures are meant for correcting MINOR or COSMETIC issues that DO NOT require introduction of new components.

Read more about How to correctly submit a Maintenance Signature Request?

Does the Vmware image for testing have to be packaged a certain way?

Here are 3 recommendations for providing virtual machines for both PTEC and the RiDP support staff:

Read more about Does the Vmware image for testing have to be packaged a certain way?

Can we replace the Ricoh copyright within the source code provided by Ricoh with our own company copyright?

When using the sample code, tools and/or frameworks provided by Ricoh, you are not allowed to modify the Copyright as declared in their respective location within the source code and/or documentation. If you have any questions in regards to our policy please open a support incident.

Read more about Can we replace the Ricoh copyright within the source code provided by Ricoh with our own company copyright?