ELSA-2022-0442
- ULN >
- Oracle Linux Errata repository >
- ELSA-2022-0442
ELSA-2022-0442 - log4j security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2022-02-08 |
Description
[0:1.2.17-18]
- Fix Unsafe deserialization flaw in Chainsaw log viewer
- Fix SQL injection when application is configured to use JDBCAppender
- Fix remote code execution when application is configured to use JMSSink
- Resolves: CVE-2022-23307, CVE-2022-23305, CVE-2022-23302
Related CVEs
| CVE-2022-23302 |
| CVE-2022-23305 |
| CVE-2022-23307 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | log4j-1.2.17-18.el7_4.src.rpm | 096ab8cf88596bcb342b4cf9d59c64e1 | - |
| log4j-1.2.17-18.el7_4.noarch.rpm | 1b07d7959f15e5ab463865225bda898d | - | |
| log4j-javadoc-1.2.17-18.el7_4.noarch.rpm | 4d1903bf29d42600f21e3cb5c4644ee1 | - | |
| log4j-manual-1.2.17-18.el7_4.noarch.rpm | bda2797774f4b6346e1be26bb7efc3dd | - | |
| Oracle Linux 7 (x86_64) | log4j-1.2.17-18.el7_4.src.rpm | 096ab8cf88596bcb342b4cf9d59c64e1 | - |
| log4j-1.2.17-18.el7_4.noarch.rpm | 1b07d7959f15e5ab463865225bda898d | - | |
| log4j-javadoc-1.2.17-18.el7_4.noarch.rpm | 4d1903bf29d42600f21e3cb5c4644ee1 | - | |
| log4j-manual-1.2.17-18.el7_4.noarch.rpm | bda2797774f4b6346e1be26bb7efc3dd | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
