DLA-2852-1

NameDLA-2852-1
Descriptionapache-log4j2 - security update
SourceDebian LTS
ReferencesCVE-2020-9488, CVE-2021-45105

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
apache-log4j2 (PTS)stretch2.7-2vulnerable
stretch (security)2.12.4-0+deb9u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
apache-log4j2sourcestretch2.12.3-0+deb9u1

Search for package or bug name: Reporting problems