| Release | Version |
|---|---|
| bullseye | 0.11.0-2 |
| bullseye (security) | 0.11.0-2+deb11u1 |
| bookworm | 1.0.0-1 |
| trixie | 1.4.0-1 |
| forky | 1.4.0-1.1 |
| sid | 1.5.0-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-54813 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Improper Output Neutralization for Logs vulnerability in Apache Log4cx ... |
| CVE-2025-54812 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Improper Output Neutralization for Logs vulnerability in Apache Log4cx ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-31038 | vulnerable | vulnerable | fixed | fixed | fixed | SQL injection in Log4cxx when using the ODBC appender to send log mess ... |
| DSA / DLA | Description |
|---|---|
| DLA-4322-1 | log4cxx - security update |