bug#52421: closed ([PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.)

[GNU bug Tracking System]

Your message dated Sun, 12 Dec 2021 19:25:44 +0100
with message-id <20211212192544.0b4015e2@tachikoma.lepiller.eu>
and subject line Re: bug#52421: [PATCH][SECURITY] gnu: java-log4j-api: Update 
to 2.15.0.
has caused the debbugs.gnu.org bug report #52421,
regarding [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
52421: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=52421
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
> --- Begin Message ---
>
>
>
> Subject: 
>
> [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.
>
>
>
>
> Date: 
>
> Sat, 11 Dec 2021 03:11:59 +0100
>
>
>
>
> Hi Guix!
>
> today I learnt about a CVE on log4j. Looking more closely, it seems
> that log4j2 has had 3 CVEs (at least 3 are listed on
> https://logging.apache.org/log4j/2.x/security.html) and we're
> vulnerable to all of them \o/
>
> This series updates to the latest version. Thankfully, log4j keeps a
> stable API, so there's no breakage in dependents, but a few
> dependencies had to be added/updated.
>
>
>
> --- End Message ---
> --- Begin Message ---
>
>
>
> Subject: 
>
> Re: bug#52421: [PATCH][SECURITY] gnu: java-log4j-api: Update to 2.15.0.
>
>
>
>
> Date: 
>
> Sun, 12 Dec 2021 19:25:44 +0100
>
>
>
>
> Thanks for the review. I added remarks from IRC and pushed the update
> as 5259513d5e5a918bb44b87ab7a562621cc78c945 to
> d5cfca23e30a9166d49faf0b48cca3ee27699f7a.
>
>
> --- End Message ---