StarlingX

  1. Bug #1969993
  2. Comment #2

Comment 2 for bug 1969993

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/839248
Committed: https://opendev.org/starlingx/tools/commit/2723cbfe5aaae63089f46e6fe202524d43bf5154
Submitter: "Zuul (22348)"
Branch: master

commit 2723cbfe5aaae63089f46e6fe202524d43bf5154
Author: Joe Slater <email address hidden>
Date: Fri Apr 22 16:28:49 2022 -0400

    log4j: fix CVE-2022-23307

    Unsafe deserialization in chainsaw. Advance to
    version 1.2.17-18.el7_4.

    === Testing ===
    build-pkgs/build-iso and boot.

    log4j is not in the runtime system, nor is it in
    the mock build environment.
    ===

    Closes-bug: 1969993
    Signed-off-by: Joe Slater <email address hidden>
    Change-Id: I0e16887da7c22173c0c05c60a49bf026521d93a7