DSA-5024-1

Source
https://security-tracker.debian.org/tracker/DSA-5024-1
Import Source
https://storage.googleapis.com/debian-osv/dsa-osv/DSA-5024-1.json
JSON Data
https://api.osv.dev/v1/vulns/DSA-5024-1
Related
Published
2021-12-18T00:00:00Z
Modified
2024-01-09T20:29:48.859390Z
Summary
apache-log4j2 - security update
Details
References

Affected packages

Debian:10 / apache-log4j2

Package

Name
apache-log4j2
Purl
pkg:deb/debian/apache-log4j2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.0-1~deb10u1

Affected versions

2.*

2.11.1-2
2.11.2-1
2.13.3-1
2.15.0-1~deb10u1
2.15.0-1~deb11u1
2.15.0-1
2.16.0-1~deb10u1
2.16.0-1~deb11u1
2.16.0-1

Debian:11 / apache-log4j2

Package

Name
apache-log4j2
Purl
pkg:deb/debian/apache-log4j2?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.0-1~deb11u1

Affected versions

2.*

2.13.3-1
2.15.0-1~deb10u1
2.15.0-1~deb11u1
2.15.0-1
2.16.0-1~deb10u1
2.16.0-1~deb11u1
2.16.0-1
2.17.0-1~deb10u1