Package "apache-log4j2"

Name:	apache-log4j2
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: Apache Log4j - Logging Framework for Java Documentation for Apache Log4j 2
Latest version:	2.12.4-0ubuntu0.1
Release:	bionic (18.04)
Level:	security
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "apache-log4j2" in Bionic

Repository	Area	Version
base	universe	2.10.0-2
updates	universe	2.12.4-0ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2.12.4-0ubuntu0.1 2022-01-11 21:06:20 UTC

apache-log4j2 (2.12.4-0ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Remote code execution - Updated to new upstream version 2.12.4. - CVE-2021-44832 - CVE-2021-45105 -- Paulo Flabiano Smorigo <email address hidden> Tue, 11 Jan 2022 17:40:59 +0000

Source diff to previous version

CVE-2021-44832	Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) at
CVE-2021-45105	Certain strings can cause infinite recursion

Version: 2.10.0-2ubuntu0.1 2021-12-14 03:06:22 UTC

apache-log4j2 (2.10.0-2ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Remote code execution - debian/patches/CVE-2021-44228.patch: Remove JndiLookup class. - CVE-2021-44228 -- Paulo Flabiano Smorigo <email address hidden> Fri, 10 Dec 2021 17:24:48 +0000

CVE-2021-44228

Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JN

About - Send Feedback to @ubuntu_updates

Package "apache-log4j2"

Links

Other versions of "apache-log4j2" in Bionic

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates