pool/logback
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/Java:packages/logback?expand=0&rev=8

Browse Source
This commit is contained in:
Fridrich Strba 2021-12-16 16:31:11 +00:00 committed by Git OBS Bridge
parent 3a671b83bd
commit fbd2d48c5e
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
logback.changes
View File

@ -1,14 +1,14 @@
-------------------------------------------------------------------
Thu Dec 16 16:21:39 UTC 2021 - Fridrich Strba <fstrba@suse.com>
- Upgrade to version 1.2.8
- Upgrade to version 1.2.8 (bsc#1193795)
* Changes of version 1.2.8
+ In response to LOGBACK-1591, we have disabled all JNDI lookup
code in logback until further notice. This impacts
+ In response to LOGBACK-1591, all JNDI lookup code in logback
has been disabled until further notice. This impacts
ContextJNDISelector and <insertFromJNDI> element in
configuration files.
+ Also in response to LOGBACK-1591, we have removed all database
(JDBC) related code in the project with no replacement.
+ Also in response to LOGBACK-1591, all database (JDBC) related
code in the project has been removed with no replacement.
+ Note that the vulnerability mentioned in LOGBACK-1591 requires
write access to logback's configuration file as a
prerequisite. The log4Shell/CVE-2021-44228 and LOGBACK-1591