Information on source package apache-log4j2

Available versions

ReleaseVersion
stretch2.7-2
stretch (security)2.12.4-0+deb9u1
buster2.17.1-1~deb10u1
buster (security)2.17.0-1~deb10u1
bullseye2.17.1-1~deb11u1
bullseye (security)2.17.0-1~deb11u1
bookworm2.17.2-1
sid2.17.2-1

Resolved issues

BugDescription
CVE-2021-45105Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and ...
CVE-2021-45046It was found that the fix to address CVE-2021-44228 in Apache Log4j 2. ...
CVE-2021-44832Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fi ...
CVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2. ...
CVE-2020-9488Improper validation of certificate with host mismatch in Apache Log4j ...
CVE-2017-5645In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or ...

Security announcements

DSA / DLADescription
DLA-2870-1apache-log4j2 - security update
DLA-2852-1apache-log4j2 - security update
DSA-5024-1apache-log4j2 - security update
DSA-5022-1apache-log4j2 - security update
DLA-2842-1apache-log4j2 - security update
DSA-5020-1apache-log4j2 - security update

Search for package or bug name: Reporting problems