[java-sig-commits] [Bug 2030945] CVE-2021-44228 log4j: log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value [fedora-all]

14 Dec 2021


      https://bugzilla.redhat.com/show_bug.cgi?id=2030945
--- Comment #17 from Adam Williamson awilliam@redhat.com ---
Update: working on this now. I've backported the thing log4j needed to jansi
2.1.1 (I hope). With that we should be able to build log4j 2.16.0 with no
breaking changes to jansi. I've just submitted the buildroot override for the
jansi change, have a scratch build for log4j lined up, if that scratch build
works I'll do an official build then submit an update for both packages.
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2030945

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

[java-sig-commits] [Bug 2030945] CVE-2021-44228 log4j: log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value [fedora-all]