-
Thu Oct 20 2022 Marián Konček <mkoncek@redhat.com> - 2.17.2-1
- Update to upstream version 2.17.2
- Re-add log4j-web subpackage
-
Thu Oct 20 2022 Marián Konček <mkoncek@redhat.com> - 2.17.1-5
- Remove glyphicons resources from source package
-
Tue Mar 29 2022 Mikolaj Izdebski <mizdebsk@redhat.com> - 2.17.1-4
- Fix dependency scope of jakarta-activation
-
Wed Feb 23 2022 Mikolaj Izdebski <mizdebsk@redhat.com> - 2.17.1-3
- Fix compatibility with OpenJDK 8
-
Mon Feb 21 2022 Mikolaj Izdebski <mizdebsk@redhat.com> - 2.17.1-2
- Remove dependency on jackson
-
Tue Dec 28 2021 Paul Wouters <paul.wouters@aiven.io> - 2.17.1-1
- Update log4j to 2.17.1 for CVE-2021-44832 RCE via JDBC Appender (when attacker controls config)
-
Sat Dec 18 2021 Paul Wouters <paul.wouters@aiven.io> - 2.17.0-1
- Update log4j to 2.17.0 for CVE-2021-45105 Denial of Service attack
-
Mon Dec 13 2021 Paul Wouters <paul.wouters@aiven.io> - 2.16.0-1
- Update log4j to 2.16.0 - Disables JNDI by default
-
Sun Dec 12 2021 Sérgio Basto <sergio@serjux.com> - 2.15.0-1
- Update log4j to 2.15.0 (#2030907)
- Security fix for CVE-2021-44228 (#2030945)
-
Sun Aug 01 2021 Sérgio Basto <sergio@serjux.com> - 2.14.1-1
- Update to 2.14.1
- Disable javadoc (#1988896)
- Build with jansi-2
- Remove deps on slf4j-ext (no longer available in Fedora 35)