SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for log4j-2.13.0-4.3.1.noarch.rpm :

* Fri Dec 10 2021 psimonsAATTsuse.com- Apply \"CVE-2021-44228.patch\" to fix a remote code execution vulnerability that existed in the LDAP JNDI parser. [bsc#1193611, CVE-2021-44228]
* Mon Apr 27 2020 pmonrealgonzalezAATTsuse.com- Security fix: [bsc#1170535, CVE-2020-9488]
* Improper validation of certificate with host mismatch in SMTP appender.- Add log4j-CVE-2020-9488.patch
* Wed Feb 26 2020 fstrbaAATTsuse.com- Added patches:
* logging-log4j-LOG4J2-2745-LOG4J2-2744-slf4j.patch
* logging-log4j-Remove-unsupported-EventDataConverter.patch + fix build with newer slf4j
* Tue Jan 21 2020 pmonrealgonzalezAATTsuse.com- Update to 2.13.0 [bsc#1159646, CVE-2019-17571]
* Bugfixes and minor enhancements: - CVE-2019-17571: Remote code execution: Deserialization of untrusted data in SocketServer - Log4j 2 now requires Java 8 or higher to build and run. - Better integration with Spring Boot by providing access to Spring variables in Log4j 2 configuration files and allowing Log4j 2 system properties to be defined in the Spring configuration. - Support for accessing Kubernetes information via a Log4j 2 Lookup. - The Gelf Layout now allows the message to be formatted using a PatternLayout pattern. - Due to a break in compatibility in the SLF4J binding, Log4j now ships with two versions of the SLF4J to Log4j adapters. - log4j-slf4j-impl should be used with SLF4J 1.7.x and earlier and log4j-slf4j18-impl should be used with SLF4J 1.8.x and later. - Note that the XML, JSON and YAML formats changed in the 2.11.0 release: they no longer have the \"timeMillis\" attribute and instead have an \"Instant\" element with \"epochSecond\" and \"nanoOfSecond\" attributes. - The Log4j 2.13.0 API, as well as many core components, maintains binary compatibility with previous releases.
* New Features - Add ThreadContext.putIfNotNull method. - Add a Level Patttern Selector. - Add experimental support for Log4j 1 configuration files. - Add the ability to lookup Kubernetes attributes in the Log4j configuration. Allow Log4j properties to be retrieved from the Spring environment if it is available. - Allow Spring Boot application properties to be accessed in the Log4j 2 configuration. Add lower and upper case Lookups. - Add builder pattern to Logger interface.
* Fixed Bugs - Prevent recursive calls to java.util.LogManager.getLogger(). - Added try/finally around event.execute() for RingBufferLogEventHandler to clear memory correctly in case of exception/error. - Wrong java version check in ThreadNameCachingStrategy. - Use a less confusing name for the CompositeConfiguration source. - Add setKey method to Kafka Appender Builder. - ArrayIndexOutOfBoundsException could occur with MAC address longer than 6 bytes. - The rolling file appenders would fail to compress the file after rollover if the file name matched the file pattern. - AATTPluginValue does not support attribute names besides \"value\". - Validation blocks definition of script in properties configuration. - Set result of rename action to true if file was copied. - Add automatic module names where missing. - OutputStreamAppender.Builder ignores setFilter(). - Prevent a memory leak when async loggers throw errors.
* Changes - Update Jackson to 2.9.10. - Allow message portion of GELF layout to be formatted using a PatternLayout. - Allow ThreadContext attributes to be explicitly included or excluded in the GelfLayout.
* Mon Jan 06 2020 fstrbaAATTsuse.com- Obsolete log4j-mini, since on systems where this package is installed, the log4j-mini is not supposed to exist, but the compatibility version log4j12-mini/log4j12
* Mon Nov 04 2019 fstrbaAATTsuse.com- Run fdupes on the javadoc
* Tue Oct 01 2019 fstrbaAATTsuse.com- Upgrade to apache-log4j-2.11.1- Drop the log4j vs. log4j-mini split
* the bootstrapping is done using the log4j12/log4j12-mini compatibility packages- Removed patches:
* log4j-javadoc-xlink.patch
* log4j-logfactor5-userdir.patch
* log4j-mx4j-tools.patch
* log4j-reproducible.patch + unnecessary with this version
* Tue Jan 22 2019 fstrbaAATTsuse.com- Build against a generic javamail provider instead of against classpathx-mail
* Tue Jan 15 2019 fstrbaAATTsuse.com- Let log4j provide the log4j-mini and obsolete it too.- Remove conflicts on each other
* Thu Dec 13 2018 fstrbaAATTsuse.com- Depend on the generic xml-apis
* Thu Oct 18 2018 fstrbaAATTsuse.com- Install and package the maven pom and metadata files for the non-bootstrap log4j
* Wed Jul 25 2018 fstrbaAATTsuse.com- Require at least java 8 for build
* Wed Jan 10 2018 bwiedemannAATTsuse.com- Add log4j-reproducible.patch to drop javadoc timestamps to make package builds more reproducible (boo#1047218)
* Tue Sep 12 2017 fstrbaAATTsuse.com- Specify java source and target level 1.6 to allow building with jdk9
* Mon Mar 02 2015 tchvatalAATTsuse.com- Version bump to 1.2.17 latest 1.2 series:
* No short changelog provided - many small changes- Try to avoid cycle between log4j and apache-common-loggings- Remove obsoleted patch:
* log4j-jmx-Agent.patch- Refresh patch to apply to new source:
* log4j-mx4j-tools.patch
* Mon Mar 02 2015 tchvatalAATTsuse.com- Cleanup with a spec-cleaner so I can understand what is going around here.
  
ICM