SUSE-RU-2022:0846-1: moderate: Recommended update for log4j
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Mar 15 14:22:10 UTC 2022
SUSE Recommended Update: Recommended update for log4j
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:0846-1
Rating: moderate
References: SLE-23508
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
______________________________________________________________________________
An update that has 0 recommended fixes and contains one
feature can now be installed.
Description:
This update ships log4j 2.17.1 to the SUSE Linux Enterprise Basesystem
module. (jsc#SLE-23508)
- Removed alias log4j:log4j from log4j-1.2-api, since it is not a drop-in
replacement
Update to 2.17.1.
Fixed bugs:
- JdbcAppender now uses JndiManager to access JNDI resources. JNDI is only
enabled when system property log4j2.enableJndiJdbc is set to true.
- Remove unused method.
- ExtendedLoggerWrapper.logMessage no longer double-logs when location is
requested.
- log4j-to-slf4j no longer re-interpolates formatted message contents.
- Correct SpringLookup package name in Interpolator.
- log4j-to-slf4j takes the provided MessageFactory into account.
- Fix MapLookup to lookup MapMessage before DefaultMap.
- Buffered I/O checked had inverted logic in RollingFileAppenderBuidler.
- Fix NPE when input is null in StrSubstitutor.replace(String, Properties).
- Lookups with no prefix only read values from the configuration
properties as expected.
- Reduce ignored package scope of KafkaAppender.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-846=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-846=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-846=1
Package List:
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
jackson-annotations-2.10.2-3.2.1
jackson-core-2.10.2-3.2.1
jackson-databind-2.10.5.1-3.5.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jackson-annotations-2.10.2-3.2.1
jackson-core-2.10.2-3.2.1
jackson-databind-2.10.5.1-3.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
jackson-annotations-2.10.2-3.2.1
jackson-annotations-javadoc-2.10.2-3.2.1
jackson-core-2.10.2-3.2.1
jackson-core-javadoc-2.10.2-3.2.1
jackson-databind-2.10.5.1-3.5.1
jackson-databind-javadoc-2.10.5.1-3.5.1
log4j-2.17.1-4.20.1
log4j-javadoc-2.17.1-4.20.1
log4j-jcl-2.17.1-4.20.1
log4j-slf4j-2.17.1-4.20.1
References:
More information about the sle-updates
mailing list