<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>



<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">

<h3>
Markus Koschany pushed to branch stretch
at <a href="https://salsa.debian.org/java-team/apache-log4j2">Debian Java Maintainers / apache-log4j2</a>
</h3>
<h4>
Commits:
</h4>
<ul>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/ed6badcc8e918af78f4e5b4b92cf594b3b29cdf6">ed6badcc</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2017-06-21T12:09:47+02:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.8.2</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/2d92309a1129395cc882a9fc4fda4f69ca69099a">2d92309a</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2018-03-16T14:45:56+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.9.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/d5178edea329ed831192322a6cf426b4f9082852">d5178ede</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2018-03-16T16:42:34+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.10.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/6d16824b3b5f9626cde80b368366316383e007e0">6d16824b</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2018-04-22T22:31:19+02:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.11.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/c87b2af9a4ec0ec4289cb4477c9c947bf1e4e817">c87b2af9</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2018-07-31T15:46:53+02:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.11.1</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/d43edfd0ac54cd1e6a3c14f733454e18ba218109">d43edfd0</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2019-09-10T09:35:25+02:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.11.2</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/3e3a4f41d715894d4e5a3ebb74605cbf7fac41d5">3e3a4f41</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2021-01-19T13:34:43+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.12.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/088c9fc9f7ca5247e38a9455ac1536c297957248">088c9fc9</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2021-01-19T13:35:04+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.12.1</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/d9fc0d36ccf90adf9e9297d7b759cfe96f178d4d">d9fc0d36</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2021-01-19T14:01:11+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.13.1</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/6c6f5b7fb58533c675aa96dfffab035cca44c06c">6c6f5b7f</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2021-01-19T14:01:23+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.13.2</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/0aa2f85bd92de8ee33564995f3defc43d11e5664">0aa2f85b</a></strong>
<div>
<span>by Emmanuel Bourg</span>
<i>at 2021-01-19T14:01:32+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.13.3</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/bcae8c0eb67f8c7e5af771d29a34304764dd519a">bcae8c0e</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2021-12-11T14:49:40+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.15.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/7dfdbd706a6b2f613aa1c540ecd3248f56d69166">7dfdbd70</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2021-12-15T02:36:02+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.16.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/10929b7d61d9355a0c7a9b5f0e90d4b6aa6ca896">10929b7d</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2021-12-18T17:06:17+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">New upstream version 2.17.0</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/aa58884fa3d5f84025c3226f27bc7a1f1b06b2f3">aa58884f</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2021-12-26T23:36:29+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Import Upstream version 2.12.3</pre>
</li>
<li>
<strong><a href="https://salsa.debian.org/java-team/apache-log4j2/-/commit/300b6c02761c79d66ddc3cd1d737435928161f86">300b6c02</a></strong>
<div>
<span>by Markus Koschany</span>
<i>at 2021-12-26T23:36:29+01:00</i>
</div>
<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Import Debian changes 2.12.3-0+deb9u1

apache-log4j2 (2.12.3-0+deb9u1) stretch-security; urgency=high
..
  * Team upload.
  * Fix CVE-2020-9488:
    Improper validation of certificate with host mismatch in Apache Log4j SMTP
    appender. This could allow an SMTPS connection to be intercepted by a
    man-in-the-middle attack which could leak any log messages sent through
    that appender.
  * Fix CVE-2021-45105:
    Apache Log4j2 did not protect from uncontrolled recursion from
    self-referential lookups. This allows an attacker with control over Thread
    Context Map data to cause a denial of service when a crafted string is
    interpreted.
</pre>
</li>
</ul>
<h4>30 changed files:</h4>
<ul>
<li class="file-stats">
<a href="#05a721ebe3ba0754116825ed1359ff1785f4bbac">
log4j-web/src/main/resources/log4j2.component.properties

.dockerignore
</a>
</li>
<li class="file-stats">
<a href="#24139dae656713ba861751fb2c2ac38839349a7a">
<span class="new-file">
+
.gitattributes
</span>
</a>
</li>
<li class="file-stats">
<a href="#a5cc2925ca8258af241be7e5b0381edf30266302">
.gitignore
</a>
</li>
<li class="file-stats">
<a href="#56dfb90324ac912f88c8848889888c6551e8a551">
<span class="new-file">
+
.travis-toolchains.xml
</span>
</a>
</li>
<li class="file-stats">
<a href="#dea01dd89a3b602828e630677fde5d77c06441c8">
<span class="new-file">
+
.travis.yml
</span>
</a>
</li>
<li class="file-stats">
<a href="#2652ef1870a2168b634561d9396bcfe23aafa2e4">
<span class="new-file">
+
BUILDING.md
</span>
</a>
</li>
<li class="file-stats">
<a href="#0426576666947b851d4dcbe4b44ebfb8d143e67c">
<span class="deleted-file">

BUILDING.txt
</span>
</a>
</li>
<li class="file-stats">
<a href="#0834ae016f8fea5cff771880c0be1d55299732ff">
<span class="new-file">
+
CODE_OF_CONDUCT.md
</span>
</a>
</li>
<li class="file-stats">
<a href="#3f454a98e586d1aa0d322e19afd5e67e08f2d3c8">
<span class="new-file">
+
CONTRIBUTING.md
</span>
</a>
</li>
<li class="file-stats">
<a href="#6651ddff6eb82c840ced7c1dddee15c6e1913dd4">
log4j-to-slf4j/src/main/resources/META-INF/log4j-provider.properties

Dockerfile
</a>
</li>
<li class="file-stats">
<a href="#95ef3ba1912b05b25372821e70a4f159d651b57d">
NOTICE.txt
</a>
</li>
<li class="file-stats">
<a href="#8ec9a00bfd09b3190ac6b22251dbb1aa95a0579d">
README.md
</a>
</li>
<li class="file-stats">
<a href="#6f8a88f369eae9b2f3ece90d1ba6366a16f25f9c">
<span class="new-file">
+
RELEASE-NOTES.md
</span>
</a>
</li>
<li class="file-stats">
<a href="#f3a4611c5b27808109eecbffe706f70a983e7b07">
<span class="deleted-file">

RELEASE-NOTES.txt
</span>
</a>
</li>
<li class="file-stats">
<a href="#880a33829d0929ef6c5bb535e6f72195c0d9b644">
<span class="deleted-file">

Vagrantfile
</span>
</a>
</li>
<li class="file-stats">
<a href="#9c96da0e9f91d7d8937b69b524702c106258f0d1">
debian/changelog
</a>
</li>
<li class="file-stats">
<a href="#58ef006ab62b83b4bec5d81fe5b32c3b4c2d1cc2">
debian/control
</a>
</li>
<li class="file-stats">
<a href="#adb7f75f79e3bb85eb62912a2904c5d24af878fb">
debian/copyright
</a>
</li>
<li class="file-stats">
<a href="#fcc3441895a5d848a10bc3bb16a022490b523909">
<span class="deleted-file">

debian/liblog4j2-java-doc.doc-base.api
</span>
</a>
</li>
<li class="file-stats">
<a href="#960c1f336e5c7911828d99b7ab2fba50fc2aa797">
<span class="deleted-file">

debian/liblog4j2-java-doc.install
</span>
</a>
</li>
<li class="file-stats">
<a href="#29b7115d0b0b55205ae0b4f9ffd706012373a90a">
debian/liblog4j2-java.poms
</a>
</li>
<li class="file-stats">
<a href="#26121dc92cd4cd9822d2e9e2b619b799bf9a51f4">
debian/maven.ignoreRules
</a>
</li>
<li class="file-stats">
<a href="#d006b76813d91cccc2a85e222d10982eb5d52728">
debian/maven.properties
</a>
</li>
<li class="file-stats">
<a href="#58530b38acb0fa3a65612c676abaea46c4a3f2f3">
debian/maven.rules
</a>
</li>
<li class="file-stats">
<a href="#818122a11a21263517630e15be5f26311d177dff">
debian/patches/01-disable-kafka-appender.patch
</a>
</li>
<li class="file-stats">
<a href="#cbbf2773f62ed2914ed5dd84a6be5b4e3061bf41">
<span class="deleted-file">

debian/patches/02-jackson-compatibility.patch
</span>
</a>
</li>
<li class="file-stats">
<a href="#8513215b07e7c7dd3d454eb716c51fade0c19c89">
<span class="deleted-file">

debian/patches/03-mongodb-compatibility.patch
</span>
</a>
</li>
<li class="file-stats">
<a href="#580934341653ebd6bc0aad211873287b631e5af5">
<span class="deleted-file">

debian/patches/CVE-2017-5645.patch
</span>
</a>
</li>
<li class="file-stats">
<a href="#7284766e7fecd1e73d6a601f89653fba9c1c14d3">
<span class="deleted-file">

debian/patches/CVE-2021-44228.patch
</span>
</a>
</li>
<li class="file-stats">
<a href="#f91d919db43bd5ed7e764fa860f3ba69ee72a052">
<span class="new-file">
+
debian/patches/no-java9-support.patch
</span>
</a>
</li>
</ul>
<h5>The diff was not included because it is too large.</h5>

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #666;">

<br>
<a href="https://salsa.debian.org/java-team/apache-log4j2/-/compare/ac8bf75d974e5194278c2c9ea9cea45c407a6f51...300b6c02761c79d66ddc3cd1d737435928161f86">View it on GitLab</a>.
<br>
You're receiving this email because of your account on salsa.debian.org.
If you'd like to receive fewer emails, you can
adjust your notification settings.



</p>
</div>
</body>
</html>