apache-log4j1.2 1.2.17-8+deb10u1build0.18.04.1 source package in Ubuntu

Changelog

apache-log4j1.2 (1.2.17-8+deb10u1build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian

apache-log4j1.2 (1.2.17-8+deb10u1) buster-security; urgency=high

  * Team upload.
  * Fix CVE-2019-17571. (Closes: #947124)
    Included in Log4j 1.2 is a SocketServer class that is vulnerable to
    deserialization of untrusted data which can be exploited to remotely
    execute arbitrary code when combined with a deserialization gadget when
    listening to untrusted network traffic for log data.

 -- Paulo Flabiano Smorigo <email address hidden>  Mon, 14 Sep 2020 15:35:14 +0000

Upload details

Uploaded by:
Paulo Flabiano Smorigo on 2020-09-14
Uploaded to:
Bionic
Original maintainer:
Debian Java Maintainers
Architectures:
all
Section:
java
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates on 2020-09-14 universe java
Bionic security on 2020-09-14 universe java

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
apache-log4j1.2_1.2.17.orig.tar.gz 539.1 KiB f293c2b8cb5a68c43b8c83a41891d3ef667841c2abc4dcfb172292a49eb5336f
apache-log4j1.2_1.2.17-8+deb10u1build0.18.04.1.debian.tar.xz 9.7 KiB d840b4e892ddeaf0d688f745187f5898c88120874651e55c4452ba64c5d6f783
apache-log4j1.2_1.2.17-8+deb10u1build0.18.04.1.dsc 2.4 KiB e029f4dbbdaeaee61c0076db641c1738e0ecf3633fdde7e5d4fe18b494a3710b

View changes file

Binary packages built by this source

liblog4j1.2-java: Logging library for java

 log4j is a tool to help the programmer output log statements to a variety of
 output targets.
 .
 It is possible to enable logging at runtime without modifying the application
 binary. The log4j package is designed so that log statements can remain in
 shipped code without incurring a high performance cost.
 .
 One of the distinctive features of log4j is the notion of hierarchical
 loggers. Using loggers it is possible to selectively control which log
 statements are output at arbitrary granularity.
 .
 Log4j can output to: a file, a rolling file, a database with a JDBC driver,
 many output asynchronously, a JMS Topic, a swing based logging console,
 the NT event log, /dev/null, a SMTP server (using javamail), a socket server,
 syslog, telnet daemon and stdout.
 .
 The format of the output can be defined using one of the various layout
 (or user defined layout) like: simple text, html, date, pattern defined and
 XML.

liblog4j1.2-java-doc: Documentation for liblog4j1.2-java

 The javadoc API documentation for the logging library
 from the Apache Jakarta project. The documentation is
 for the version 1.2 of the log4j API.