Package: apache-log4j1.2 / 1.2.17-10+deb11u1
Metadata
Package | Version | Patches format |
---|---|---|
apache-log4j1.2 | 1.2.17-10+deb11u1 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
build_fix.patch | (download) |
build.xml |
7 2 + 5 - 0 ! |
enables the compilation of the jmx classes and tweaks the javadoc. |
remove activation framework dependency.patch | (download) |
build.xml |
1 0 + 1 - 0 ! |
remove the dependency on the activation framework (integrated to java 6 and later) |
add missing classes.patch | (download) |
build.xml |
4 3 + 1 - 0 ! |
add missing classes to jar |
CVE 2019 17571.patch | (download) |
src/main/java/org/apache/log4j/FilteredObjectInputStream.java |
65 65 + 0 - 0 ! |
cve-2019-17571 Bug-Debian: https://bugs.debian.org/947124 |
disable examples.patch | (download) |
build.xml |
2 1 + 1 - 0 ! |
no longer build the examples to avoid an error with openjdk 17 |
CVE 2022 23305.patch | (download) |
src/main/java/org/apache/log4j/jdbc/JDBCAppender.java |
398 0 + 398 - 0 ! |
cve-2022-23305 Bug-Debian: https://bugs.debian.org/1004482 This change mitigates the impact of CVE-2022-23305. Apache Log4j 1.2 has reached end of life in August 2015. No further updates will be available. |
CVE 2022 23302.patch | (download) |
src/main/java/org/apache/log4j/net/JMSSink.java |
153 0 + 153 - 0 ! |
cve-2022-23302 Bug-Debian: https://bugs.debian.org/1004482 This change mitigates the impact of CVE-2022-23302. Apache Log4j 1.2 has reached end of life in August 2015. No further updates will be available. |
CVE 2022 23307.patch | (download) |
src/main/java/org/apache/log4j/chainsaw/ControlPanel.java |
222 0 + 222 - 0 ! |
cve-2022-23307 Bug-Debian: https://bugs.debian.org/1004482 This change mitigates the impact of CVE-2022-23307. Apache Log4j 1.2 has reached end of life in August 2015. No further updates will be available. |
CVE 2021 4104.patch | (download) |
src/main/java/org/apache/log4j/net/JMSAppender.java |
444 0 + 444 - 0 ! |
cve-2021-4104 Bug-Debian: https://bugs.debian.org/1004482 This change mitigates the impact of CVE-2021-4104. Apache Log4j 1.2 has reached end of life in August 2015. No further updates will be available. |