SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for log4j12-1.2.17-4.9.1.noarch.rpm :

* Wed Jan 19 2022 fstrbaAATTsuse.com- Remove the chainsaw sub-package (bsc#1194844, CVE-2022-23307)- Remove src/main/java/org/apache/log4j/jdbc/JDBCAppender.java from the build to mitigate bsc#1194843, CVE-2022-23305- Remove src/main/java/org/apache/log4j/net/JMSSink.java from the build to mitigate bsc#1194842, CVE-2022-23302- Obsolete chainsaw < 2.1 by the log4j12 package- Added patch:
* log4j12-missingmodules.patch + do not package org.apache.log4j.chainsaw classes + package org.apache.log4j.pattern classes that will be needed by apache-log4j-extras which is a dependency of chainsaw 2.x
* Tue Jan 04 2022 david.anesAATTsuse.com- Fix \'chainsaw\' package: [bsc#1193184 - Chainsaw does not start]
* log4j-chainsaw.sh: + Add proper BASE_JARS, using log4j12 instead of log4j.
* Add missing dependency to log4j12 for \'chainsaw\' package.
* Thu Dec 16 2021 psimonsAATTsuse.com- Remove src/main/java/org/apache/log4j/net/JMSAppender.java from the build to mitigate CVE-2021-4104. [bsc#1193662]
* Mon Nov 29 2021 mailaenderAATTopensuse.org- Put GUI tools into separate packages
* Fri Mar 20 2020 fstrbaAATTsuse.com- Added patch:
* log4j12-bundle_manifest.patch + Add a bundle manifest to the log4j12 package so that it can be used by eclipse
* Tue Jan 07 2020 pmonrealgonzalezAATTsuse.com- Security fix: [bsc#1159646, CVE-2019-17571]
* Remote code execution: Deserialization of untrusted data in SocketServer
* Backported from CVE-2017-5645 for Log4j 2.8.2- Add log4j-CVE-2019-17571.patch
* Tue Jan 07 2020 pmonrealgonzalezAATTsuse.com- Remove script jpackage-mini-prepare.sh
* Mon Jan 06 2020 fstrbaAATTsuse.com- Let both the log4j12 and log4j12-mini packages obsolete the log4j and log4j-mini < 1.3 in order to simplify upgrades
* Tue Oct 01 2019 fstrbaAATTsuse.com- Rename to log4j12/log4j12-mini as a compatibility packages- Convert to multibuild- Clean up with the spec-cleaner- Install maven pom files even with the mini package
* Tue Jan 22 2019 fstrbaAATTsuse.com- Build against a generic javamail provider instead of against classpathx-mail
* Tue Jan 15 2019 fstrbaAATTsuse.com- Let log4j provide the log4j-mini and obsolete it too.- Remove conflicts on each other
* Thu Dec 13 2018 fstrbaAATTsuse.com- Depend on the generic xml-apis
* Thu Oct 18 2018 fstrbaAATTsuse.com- Install and package the maven pom and metadata files for the non-bootstrap log4j
* Wed Jul 25 2018 fstrbaAATTsuse.com- Require at least java 8 for build
* Wed Jan 10 2018 bwiedemannAATTsuse.com- Add log4j-reproducible.patch to drop javadoc timestamps to make package builds more reproducible (boo#1047218)
* Tue Sep 12 2017 fstrbaAATTsuse.com- Specify java source and target level 1.6 to allow building with jdk9
* Mon Mar 02 2015 tchvatalAATTsuse.com- Version bump to 1.2.17 latest 1.2 series:
* No short changelog provided - many small changes- Try to avoid cycle between log4j and apache-common-loggings- Remove obsoleted patch:
* log4j-jmx-Agent.patch- Refresh patch to apply to new source:
* log4j-mx4j-tools.patch
* Mon Mar 02 2015 tchvatalAATTsuse.com- Cleanup with a spec-cleaner so I can understand what is going around here.
  
ICM