Publishing details
Changelog
apache-log4j1.2 (1.2.17-9) unstable; urgency=high
* Team upload.
* Fix CVE-2019-17571. (Closes: #947124)
Included in Log4j 1.2 is a SocketServer class that is vulnerable to
deserialization of untrusted data which can be exploited to remotely
execute arbitrary code when combined with a deserialization gadget when
listening to untrusted network traffic for log data.
* Switch to debhelper-compat = 12.
* Declare compliance with Debian Policy 4.4.1.
* Use canonical VCS URI.
-- Markus Koschany <email address hidden> Sat, 11 Jan 2020 23:06:27 +0100
Builds
Built packages
-
liblog4j1.2-java
Logging library for java
-
liblog4j1.2-java-doc
Documentation for liblog4j1.2-java
Package files