[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2022:0226-1 -- SLES log4j12

ID: oval:org.secpod.oval:def:89047423Date: (C)2022-11-04   (M)2023-12-26
Class: PATCHFamily: unix




This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. - CVE-2022-23302: Fix remote code execution by removing src/main/java/org/apache/log4j/net/JMSSink.java

Platform:
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Desktop 15 SP3
Product:
log4j12
Reference:
SUSE-SU-2022:0226-1
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE    3
CVE-2022-23307
CVE-2022-23305
CVE-2022-23302
CPE    5
cpe:/a:apache:log4j12
cpe:/o:suse:suse_linux_enterprise_server:15:sp4
cpe:/o:suse:suse_linux_enterprise_server:15:sp3
cpe:/o:suse:suse_linux_enterprise_desktop:15:sp4
...

© SecPod Technologies