log4j: fix CVE-2022-23307
Unsafe deserialization in chainsaw. Advance to version 1.2.17-18.el7_4. === Testing === build-pkgs/build-iso and boot. log4j is not in the runtime system, nor is it in the mock build environment. === Closes-bug: 1969993 Signed-off-by: Joe Slater <joe.slater@windriver.com> Change-Id: I0e16887da7c22173c0c05c60a49bf026521d93a7
This commit is contained in:
parent
455b58905c
commit
2723cbfe5a
@ -545,7 +545,7 @@ lksctp-tools-1.0.17-2.el7.x86_64.rpm
|
||||
lldpad-1.0.1-3.git036e314.el7.x86_64.rpm
|
||||
lm_sensors-devel-3.4.0-6.20160601gitf9185e5.el7.x86_64.rpm
|
||||
lm_sensors-libs-3.4.0-6.20160601gitf9185e5.el7.x86_64.rpm
|
||||
log4j-1.2.17-16.el7_4.noarch.rpm
|
||||
log4j-1.2.17-18.el7_4.noarch.rpm
|
||||
lsof-4.87-6.el7.x86_64.rpm
|
||||
lsscsi-0.27-6.el7.x86_64.rpm
|
||||
lttng-ust-2.10.0-1.el7.x86_64.rpm
|
||||
|
Loading…
Reference in New Issue
Block a user