Fixes New Remote Code Execution Bug

«Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent version of Log4j and deemed the safest release to upgrade to, but that advice has now evolved.»
https://www.bleepingcomputer.com/news/security/log4j-2171-out-now-fixes-new-remote-code-execution-bug/
https://checkmarx.com/blog/cve-2021-44832-apache-log4j-2-17-0-arbitrary-code-execution-via-jdbcappender-datasource-element/
Paulo Graça
2022-01-03 12:13:12 +00:00
committed by GitHub
parent 75b6d67a47
commit 746413dea1

@@ -36,7 +36,7 @@
<jaxb-runtime.version>2.3.1</jaxb-runtime.version>
<!-- NOTE: Jetty needed for Solr, Handle Server & tests -->
<jetty.version>9.4.41.v20210516</jetty.version>
<log4j.version>2.17.0</log4j.version>
<log4j.version>2.17.1</log4j.version>
<pdfbox-version>2.0.24</pdfbox-version>
<poi-version>3.17</poi-version>
<slf4j.version>1.7.25</slf4j.version>
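Review bot: the new `<log4j.version>2.17.1</log4j.version>` value only reaches artifacts whose version is resolved from this property, and nothing in this hunk shows which log4j modules do. Please confirm, for example with `mvn dependency:tree -Dincludes=org.apache.logging.log4j`, that every log4j module in the build resolves to 2.17.1 and that no transitive dependency pins an older release. The commit message cites CVE-2021-44832, and the linked Checkmarx post title ties it to the JDBCAppender DataSource element, so it would also help to note in the message whether any logging configuration shipped with this project uses a JDBC appender.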