[Git][security-tracker-team/security-tracker][master] add apache-log4j to dsa-needed, apache-log4j1.2 n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Dec 10 09:04:43 GMT 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8718b06 by Moritz Muehlenhoff at 2021-12-10T10:04:08+01:00
add apache-log4j to dsa-needed, apache-log4j1.2 n/a
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1538,6 +1538,7 @@ CVE-2021-44229
CVE-2021-44228
RESERVED
- apache-log4j2 <unfixed>
+ - apache-log4j1.2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
NOTE: https://github.com/apache/logging-log4j2/pull/608
NOTE: https://www.lunasec.io/docs/blog/log4j-zero-day/
=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
If needed, specify the release by adding a slash after the name of the source package.
+--
+apache-log4j2
--
asterisk/oldstable
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8718b06d377b593b984e14eb937112f1b89a9c6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8718b06d377b593b984e14eb937112f1b89a9c6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211210/d7de9699/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list