Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

logback-access-1.2.8-3.3.1 RPM for noarch

From OpenSuSE Leap 15.4 for noarch

Name: logback-access Distribution: SUSE Linux Enterprise 15
Version: 1.2.8 Vendor: SUSE LLC <https://www.suse.com/>
Release: 3.3.1 Build date: Fri Dec 17 08:46:32 2021
Group: Unspecified Build host: sheep58
Size: 111018 Source RPM: logback-1.2.8-3.3.1.src.rpm
Packager: https://www.suse.com/
Url: https://logback.qos.ch/
Summary: Logback-access module for Servlet integration
The logback-access module integrates with Servlet containers, such as Tomcat
and Jetty, to provide HTTP-access log functionality. Note that you could
easily build your own module on top of logback-core.

Provides

Requires

License

EPL-1.0 OR LGPL-2.1-or-later

Changelog

* Thu Dec 16 2021 fstrba@suse.com
  - Upgrade to version 1.2.8 (bsc#1193795)
    * Changes of version 1.2.8
      + In response to LOGBACK-1591, all JNDI lookup code in logback
    has been disabled until further notice. This impacts
      ContextJNDISelector and <insertFromJNDI> element in
      configuration files.
      + Also in response to LOGBACK-1591, all database (JDBC) related
    code in the project has been removed with no replacement.
      + Note that the vulnerability mentioned in LOGBACK-1591 requires
      write access to logback's configuration file as a
      prerequisite. The log4Shell/CVE-2021-44228 and LOGBACK-1591
      are of different severity levels. A successful RCE requires
      all of the following conditions to be met:
    - write access to logback.xml
    - use of versions < 1.2.8
    - reloading of poisoned configuration data, which implies
      application restart or scan="true" set prior to attack
      + As an additional extra precaution, in addition to upgrading to
      logback version 1.2.8, the users are advised to set their
      logback configuration files as read-only.
    * Changes of version 1.2.7
      + Added hostnameVerification to property SSLSocketAppender.
      This fixes LOGBACK-1574.
    * Changes of version 1.2.6
      + To prevent XML eXternal Entity injection (XXE) attacks, Joran
      no longer reads external entities passed in XML files. This
      fixes LOGBACK-1465.
    * Changes of version 1.2.5
      + Instead of an Appender, the LayoutWrappingEncoder now accepts
      a variable of type ContextAware as a parent. This fixes
      LOGBACK-1326.
    * Changes of version 1.2.4
      + Added support for minimum length in %i filename pattern. This
      fixes LOGBACK-1248.
      + For size bound log file archiving, allow
      TimeBasedArchiveRemove to remove files with indexes containing
      upto 5 digits. This fixes LOGBACK-1175.
      + Added %prefix composite converter which automatically prefixes
      child converter output with the name of the converter. This
      feature is quite handy in environments where log files need to
      be parsed and monitored.
  - Changed patch:
    * logback-1.1.11-jetty.patch -> logback-1.2.8-jetty.patch
      + Rediff to changed context
* Fri Nov 29 2019 fstrba@suse.com
  - Do not force building with java < 9
  - Specify maven.compiler.release=8 to access the
    java.util.function.Supplier API, introduced in java 8
  - Added patch:
    * logback-1.2.3-getCallerClass.patch
      + Access the sun.reflect.Reflection.getCallerClass by
      reflection, in order to be able to build with jdk >= 9
* Sun Nov 17 2019 fstrba@suse.com
  - Initial packaging of logback 1.2.3

Files

/usr/share/java/logback
/usr/share/java/logback/logback-access.jar
/usr/share/licenses/logback-access
/usr/share/licenses/logback-access/LICENSE.txt
/usr/share/maven-metadata/logback-access.xml
/usr/share/maven-poms/logback
/usr/share/maven-poms/logback/logback-access.pom


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 15:53:55 2024