ELSA-2022-0442

ULN >
Oracle Linux Errata repository >
ELSA-2022-0442

ELSA-2022-0442 - log4j security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2022-02-08

Description

[0:1.2.17-18]
- Fix Unsafe deserialization flaw in Chainsaw log viewer
- Fix SQL injection when application is configured to use JDBCAppender
- Fix remote code execution when application is configured to use JMSSink
- Resolves: CVE-2022-23307, CVE-2022-23305, CVE-2022-23302

Related CVEs

CVE-2022-23302

CVE-2022-23305

CVE-2022-23307

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_aarch64_latest
	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_aarch64_optional_latest
	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_aarch64_u9_patch
	log4j-1.2.17-18.el7_4.noarch.rpm	ae87c0671ecf65c33010823c327c1c4ff528ddc56126553005a141bd39fc35e0	-	ol7_aarch64_latest
	log4j-1.2.17-18.el7_4.noarch.rpm	ae87c0671ecf65c33010823c327c1c4ff528ddc56126553005a141bd39fc35e0	-	ol7_aarch64_u9_patch
	log4j-javadoc-1.2.17-18.el7_4.noarch.rpm	2561e705febce124e31fabe2a45252d868e063491be3632f71cf99c8e578c449	-	ol7_aarch64_optional_latest
	log4j-manual-1.2.17-18.el7_4.noarch.rpm	fddd88f3567e37ef806159ab47730312a109617ba0b4e224c2a62dca7e2ba5f9	-	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_x86_64_latest
	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_x86_64_optional_latest
	log4j-1.2.17-18.el7_4.src.rpm	9aeac63055e249620d3f050cef40cd16e65bb47a7a0444c64c1b29599eb5797d	-	ol7_x86_64_u9_patch
	log4j-1.2.17-18.el7_4.noarch.rpm	ae87c0671ecf65c33010823c327c1c4ff528ddc56126553005a141bd39fc35e0	-	ol7_x86_64_latest
	log4j-1.2.17-18.el7_4.noarch.rpm	ae87c0671ecf65c33010823c327c1c4ff528ddc56126553005a141bd39fc35e0	-	ol7_x86_64_u9_patch
	log4j-javadoc-1.2.17-18.el7_4.noarch.rpm	2561e705febce124e31fabe2a45252d868e063491be3632f71cf99c8e578c449	-	ol7_x86_64_optional_latest
	log4j-manual-1.2.17-18.el7_4.noarch.rpm	fddd88f3567e37ef806159ab47730312a109617ba0b4e224c2a62dca7e2ba5f9	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691