Wiki source code of eMagiz Runtime - 5.0.4
Last modified by Martijn Woudstra on 2023/04/13 15:29
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
12.1 | 1 | Fourth maintenance release in the eMagiz 5.0.x line. This release fixes Log4J security vulnerabilities CVE-2021-44228 and CVE-2021-45046. |
| 2 | |||
| 3 | Find out more in our [[Release blog>>Main.Release Information.Release Blogs.Apache Log4J vulnerability patch - Release blog.WebHome||target="blank"]]. | ||
| 4 | |||
| 5 | |||
| 6 | ===== Bug Fixes ===== | ||
| 7 | |||
| 8 | * Updated OPS4J Pax Logging version 1.10.1 to version 1.11.11. Internally this uses Apache Log4j 2, which is updated from version 2.8.2 to 2.16.0 in this release. This fixed the following two security vulnerabilities: | ||
| |
14.1 | 9 | ** [[CVE-2021-44228 (CVSS score 10.0 - Critical)>>https://nvd.nist.gov/vuln/detail/CVE-2021-44228||target="blank"]] |
| 10 | ** [[CVE-2021-45046 (CVSS score 3.7 - Low)>>https://nvd.nist.gov/vuln/detail/CVE-2021-45046||target="blank"]] | ||
| |
12.1 | 11 | |
| 12 |