USN-5223-1 fixed a vulnerability in Apache Log4j 1.2. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of
untrusted data if the configuration file was editable. An attacker could use
this vulnerability to cause a DoS or possibly execute arbitrary code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | liblog4j1.2-java | < 1.2.17-7ubuntu1+esm1 | UNKNOWN |
Ubuntu | 16.04 | noarch | liblog4j1.2-java | < 1.2.17-7ubuntu1 | UNKNOWN |
Ubuntu | 16.04 | noarch | liblog4j1.2-java-doc | < 1.2.17-7ubuntu1 | UNKNOWN |