diff options
| author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2022-04-27 01:01:16 +0200 |
|---|---|---|
| committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2022-04-27 01:01:19 +0200 |
| commit | 54a5918a66e1779eb0abc80ccd003dafa3241665 (patch) | |
| tree | 96448e099c9ef9f56f9418f1e20ae72ec855e91a /pcr/log4j-1.2/apache-log4j-add_missing_classes.patch | |
| parent | 29dbfaa0792627e69c3cf6a8bc39295307663579 (diff) | |
| download | abslibre-54a5918a66e1779eb0abc80ccd003dafa3241665.tar.gz abslibre-54a5918a66e1779eb0abc80ccd003dafa3241665.tar.bz2 abslibre-54a5918a66e1779eb0abc80ccd003dafa3241665.zip | |
pcr: remove log4j-1.2
The 1.2 version of log4j is not only unmaintained / End of life, but it
also has lot of security vulnerabilities[1] including at least one
critical CVE, 4 high CVEs and 1 moderate CVE.
[1]https://logging.apache.org/log4j/1.2/
Link: https://labs.parabola.nu/issues/3261
Reported-by: gap
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Diffstat (limited to 'pcr/log4j-1.2/apache-log4j-add_missing_classes.patch')
| -rw-r--r-- | pcr/log4j-1.2/apache-log4j-add_missing_classes.patch | 13 |
1 files changed, 0 insertions, 13 deletions
diff --git a/pcr/log4j-1.2/apache-log4j-add_missing_classes.patch b/pcr/log4j-1.2/apache-log4j-add_missing_classes.patch deleted file mode 100644 index 215aabd3e..000000000 --- a/pcr/log4j-1.2/apache-log4j-add_missing_classes.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- apache-log4j-1.2.17.orig/build.xml 2012-05-06 06:00:28.000000000 -0500 -+++ apache-log4j-1.2.17/build.xml 2015-09-19 12:28:05.401524127 -0500 -@@ -430,7 +430,9 @@ - ${stem}/or/*.class, - ${stem}/or/sax/*.class, - ${stem}/or/jms/*.class, -- ${stem}/config/*.class" -+ ${stem}/config/*.class -+ ${stem}/pattern/*.class -+ ${stem}/rewrite/*.class" - excludes="**/UnitTest**"> - <manifest> - <section name="org/apache/log4j"> |