Fedora has issued an advisory on August 21: https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137182.html This package is only in Cauldron. To sync this commit: http://pkgs.fedoraproject.org/cgit/cas-client.git/commit/?id=28f88f7127e3b8f0ca23dc20ce321619b23f3229 We'll need to import log4j12: http://pkgs.fedoraproject.org/cgit/log4j12.git http://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/source/SRPMS/l/log4j12-1.2.17-6.fc22.src.rpm and then update to 3.3.3 to fix the CVE: http://pkgs.fedoraproject.org/cgit/cas-client.git/commit/?id=162ff6d95ccf23b84bf5ea0ba981aab79d1b7ecc Reproducible: Steps to Reproduce:
Dropped from cauldron.
Status: NEW => RESOLVEDCC: (none) => mageiaResolution: (none) => OLD
Reopening for now. This is dropped in Cauldron. Keeping this bug around just in case someone brings it back, but if someone brings anything back, they really should resync it with F21 first.
Status: RESOLVED => REOPENEDResolution: OLD => (none)
Closing again. This won't be reintroduced for Mageia 5.
Status: REOPENED => RESOLVEDResolution: (none) => FIXED