You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by rp...@apache.org on 2021/12/14 12:21:58 UTC
[logging-log4j2] branch release-2.x updated (9573cbe -> 5c7f42d)
This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a change to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git.
from 9573cbe Improve top page
new 283f8c7 Fix broken anchor link
new 5c7f42d Fix typo
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/site/markdown/index.md.vm | 2 +-
src/site/markdown/security.md | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
[logging-log4j2] 01/02: Fix broken anchor link
Posted by rp...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit 283f8c77f84458231c949aed3cd3e612231d463f
Author: rpopma <rp...@apache.org>
AuthorDate: Tue Dec 14 21:19:47 2021 +0900
Fix broken anchor link
---
src/site/markdown/index.md.vm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/site/markdown/index.md.vm b/src/site/markdown/index.md.vm
index d8ecfc9..e3de3e6 100644
--- a/src/site/markdown/index.md.vm
+++ b/src/site/markdown/index.md.vm
@@ -26,7 +26,7 @@ Apache Log4j 2 is an upgrade to Log4j that provides significant improvements ove
provides many of the improvements available in Logback while fixing some inherent problems in Logback's architecture.
-<a name="CVE-2021-44228">
+<a name="CVE-2021-44228"/>
$h2 Important: Security Vulnerability CVE-2021-44228
The Log4j team has been made aware of a security vulnerability, CVE-2021-44228, that has been addressed in Log4j 2.15.0
[logging-log4j2] 02/02: Fix typo
Posted by rp...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit 5c7f42d3a9c4b367b4d81c212411029c499f3f6f
Author: rpopma <rp...@apache.org>
AuthorDate: Tue Dec 14 21:20:06 2021 +0900
Fix typo
---
src/site/markdown/security.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/site/markdown/security.md b/src/site/markdown/security.md
index 1fa02a7..4ed95d1 100644
--- a/src/site/markdown/security.md
+++ b/src/site/markdown/security.md
@@ -84,7 +84,7 @@ Applications using only the log4j-api JAR file without the log4j-core JAR file a
#### History
**Older (discredited) mitigation measures**
-We strongly recommend upgrading Log4j to a safe version, or removing the JndiLookup class from the log4j-core class.
+We strongly recommend upgrading Log4j to a safe version, or removing the JndiLookup class from the log4j-core jar.
This page previously had other mitigation measures, but we discovered that these measures only limit exposure while leaving some attack vectors open.