[Git][security-tracker-team/security-tracker][master] Track fixed versionfor two log4cxx issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 28 18:13:36 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30f25fa1 by Salvatore Bonaccorso at 2025-09-28T19:13:07+02:00
Track fixed versionfor two log4cxx issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13120,14 +13120,14 @@ CVE-2025-55454 (An authenticated arbitrary file upload vulnerability in the comp
 CVE-2025-55398 (An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - ...)
 	NOT-FOR-US: mouse07410 asn1c
 CVE-2025-54813 (Improper Output Neutralization for Logs vulnerability in Apache Log4cx ...)
-	- log4cxx <unfixed> (bug #1111881)
+	- log4cxx 1.4.0-1.1 (bug #1111881)
 	[trixie] - log4cxx <no-dsa> (Minor issue)
 	[bookworm] - log4cxx <no-dsa> (Minor issue)
 	NOTE: https://logging.apache.org/security.html#CVE-2025-54813
 	NOTE: https://github.com/apache/logging-log4cxx/pull/512
 	NOTE: Fixed by: https://github.com/apache/logging-log4cxx/commit/a799c934545311ff4179c68e16bbeb02b5c66348 (rel/v1.5.0, v1.5.0-RC1)
 CVE-2025-54812 (Improper Output Neutralization for Logs vulnerability in Apache Log4cx ...)
-	- log4cxx <unfixed> (bug #1111879)
+	- log4cxx 1.4.0-1.1 (bug #1111879)
 	[trixie] - log4cxx <no-dsa> (Minor issue)
 	[bookworm] - log4cxx <no-dsa> (Minor issue)
 	NOTE: https://logging.apache.org/security.html#CVE-2025-54812



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30f25fa1de8e7fa1e683e18462faf6f7b0c5c65b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30f25fa1de8e7fa1e683e18462faf6f7b0c5c65b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250928/fe08d6d2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list