[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-1285/log4net
Salvatore Bonaccorso
carnil at debian.org
Sun Apr 11 20:25:13 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d6e0dc5c by Salvatore Bonaccorso at 2021-04-11T21:24:41+02:00
Track fixed version for CVE-2018-1285/log4net
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -212469,7 +212469,7 @@ CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileg
NOT-FOR-US: Apache OpenMeetings
CVE-2018-1285 (Apache log4net versions before 2.0.10 do not disable XML external enti ...)
{DLA-2211-1}
- - log4net <unfixed> (low; bug #977468)
+ - log4net 1.2.10+dfsg-8 (low; bug #977468)
[buster] - log4net <no-dsa> (Minor issue)
[stretch] - log4net <no-dsa> (Minor issue; requires application to accept arbitrary configuration files)
NOTE: https://issues.apache.org/jira/browse/LOG4NET-575
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6e0dc5cffc21ac0006dcb1243274bdb7d7e5e3d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6e0dc5cffc21ac0006dcb1243274bdb7d7e5e3d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210411/ad5dbe5c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list