Bug 25916

Summary: log4j12 new security issue CVE-2019-17571
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: log4j12-1.2.17-19.mga7.src.rpm CVE:
Status comment:

Description David Walser 2019-12-20 21:55:40 CET 
Apache has issued an advisory on December 18:
https://www.openwall.com/lists/oss-security/2019/12/19/2

Mageia 7 is also affected.
Comment 1 David Walser 2019-12-20 21:57:33 CET 
As Bug 20693 noted, this was already fixed in the log4j12 package by Fedora (patch imported by yours truly in r1107578).

*** This bug has been marked as a duplicate of bug 20693 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE