apache-log4j1.2 1.2.17-9 source package in Ubuntu
Changelog
apache-log4j1.2 (1.2.17-9) unstable; urgency=high
* Team upload.
* Fix CVE-2019-17571. (Closes: #947124)
Included in Log4j 1.2 is a SocketServer class that is vulnerable to
deserialization of untrusted data which can be exploited to remotely
execute arbitrary code when combined with a deserialization gadget when
listening to untrusted network traffic for log data.
* Switch to debhelper-compat = 12.
* Declare compliance with Debian Policy 4.4.1.
* Use canonical VCS URI.
-- Markus Koschany <email address hidden> Sat, 11 Jan 2020 23:06:27 +0100
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- java
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | release | universe | java |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache-log4j1.2_1.2.17-9.dsc | 2.4 KiB | 94af9dc41077911b2a9f18cd01efe56996cfe5dcabaf8541e48718c0cddb9569 |
| apache-log4j1.2_1.2.17.orig.tar.gz | 539.1 KiB | f293c2b8cb5a68c43b8c83a41891d3ef667841c2abc4dcfb172292a49eb5336f |
| apache-log4j1.2_1.2.17-9.debian.tar.xz | 9.7 KiB | 303485eef0bc8c6c1de0b60e89aec879a34df74af74f2a136052c9c93c983363 |
Available diffs
- diff from 1.2.17-8 to 1.2.17-9 (3.6 KiB)
No changes file available.
Binary packages built by this source
- liblog4j1.2-java: No summary available for liblog4j1.2-java in ubuntu hirsute.
No description available for liblog4j1.2-java in ubuntu hirsute.
- liblog4j1.2-java-doc: Documentation for liblog4j1.2-java
The javadoc API documentation for the logging library
from the Apache Jakarta project. The documentation is
for the version 1.2 of the log4j API.
