unspecified

log4j - Java logging package

Website: http://logging.apache.org/log4j
License: ASL 2.0
Vendor: Virtuozzo
Description:
Log4j is a tool to help the programmer output log statements to a
variety of output targets.

Packages

log4j-1.2.17-18.vl7.src [2.8 MiB] Changelog by Mikolaj Izdebski (2022-02-02):
- Fix Unsafe deserialization flaw in Chainsaw log viewer
- Fix SQL injection when application is configured to use JDBCAppender
- Fix remote code execution when application is configured to use JMSSink
- Resolves: CVE-2022-23307, CVE-2022-23305, CVE-2022-23302
log4j-1.2.17-17.vl7.src [2.7 MiB] Changelog by Mikolaj Izdebski (2021-12-15):
- Fix remote code execution vulnerability
- Resolves: CVE-2021-4104
log4j-1.2.17-16.vl7.src [2.7 MiB] Changelog by Mikolaj Izdebski (2017-07-11):
- Fix socket receiver deserialization vulnerability
- Resolves: CVE-2017-5645

Listing created by Repoview-0.6.6-4.el7