[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#52421] [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.
|
From: |
Ludovic Courtès |
|
Subject: |
[bug#52421] [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0. |
|
Date: |
Sat, 11 Dec 2021 22:08:27 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hi,
Julien Lepiller <julien@lepiller.eu> skribis:
> today I learnt about a CVE on log4j. Looking more closely, it seems
> that log4j2 has had 3 CVEs (at least 3 are listed on
> https://logging.apache.org/log4j/2.x/security.html) and we're
> vulnerable to all of them \o/
>
> This series updates to the latest version. Thankfully, log4j keeps a
> stable API, so there's no breakage in dependents, but a few
> dependencies had to be added/updated.
I had a quick look and it all LGTM.
Thanks for taking care of it!
Ludo’.
- [bug#52421] [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH 1/5] gnu: java-jansi: Update to 2.4.0., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH 2/5] gnu: Add java-jctools-core-1., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH 3/5] gnu: Add java-conversant-disruptor., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH 5/5] gnu: java-log4j-api: Update to 2.15.0., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH 4/5] gnu. java-lmax-disruptor: Update to 3.4.4., Julien Lepiller, 2021/12/10
- [bug#52421] [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.,
Ludovic Courtès <=