apache-log4j1.2 1.2.17-9ubuntu0.1 source package in Ubuntu

Changelog

apache-log4j1.2 (1.2.17-9ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: code execution via JMS appender
    - debian/patches/0002-Disable-JNDI-by-default.patch: Add an additional
      option that disables the JMS appender by default.
    - CVE-2021-4104
  * Environments that require JMS Appender will need to add the following
    to their configuration file: log4j.appender.jms.Enabled=true

 -- Paulo Flabiano Smorigo <email address hidden>  Mon, 10 Jan 2022 14:35:55 +0000

Upload details

Uploaded by:
Paulo Flabiano Smorigo
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates universe java
Focal security universe java

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
apache-log4j1.2_1.2.17.orig.tar.gz 539.1 KiB f293c2b8cb5a68c43b8c83a41891d3ef667841c2abc4dcfb172292a49eb5336f
apache-log4j1.2_1.2.17-9ubuntu0.1.debian.tar.xz 10.6 KiB e77bf5eb32e8ef5294ed7237bff3ec90b59f2c59d516c1131c8fd34a1ffd27a1
apache-log4j1.2_1.2.17-9ubuntu0.1.dsc 2.4 KiB bd6a44dfbf12dbdba4bd81f25e0dbe73796121303726d671720b25d4c00e234d

View changes file

Binary packages built by this source

liblog4j1.2-java: Logging library for java

 log4j is a tool to help the programmer output log statements to a variety of
 output targets.
 .
 It is possible to enable logging at runtime without modifying the application
 binary. The log4j package is designed so that log statements can remain in
 shipped code without incurring a high performance cost.
 .
 One of the distinctive features of log4j is the notion of hierarchical
 loggers. Using loggers it is possible to selectively control which log
 statements are output at arbitrary granularity.
 .
 Log4j can output to: a file, a rolling file, a database with a JDBC driver,
 many output asynchronously, a JMS Topic, a swing based logging console,
 the NT event log, /dev/null, a SMTP server (using javamail), a socket server,
 syslog, telnet daemon and stdout.
 .
 The format of the output can be defined using one of the various layout
 (or user defined layout) like: simple text, html, date, pattern defined and
 XML.

liblog4j1.2-java-doc: Documentation for liblog4j1.2-java

 The javadoc API documentation for the logging library
 from the Apache Jakarta project. The documentation is
 for the version 1.2 of the log4j API.