Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-04-27 | pcr: remove log4j-1.2 | Denis 'GNUtoo' Carikli | |
The 1.2 version of log4j is not only unmaintained / End of life, but it also has lot of security vulnerabilities[1] including at least one critical CVE, 4 high CVEs and 1 moderate CVE. [1]https://logging.apache.org/log4j/1.2/ Link: https://labs.parabola.nu/issues/3261 Reported-by: gap Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | |||
2015-09-22 | log4j-1.2: add new package to [pcr] | Omar Vega Ramos | |