bodhi.fedoraproject.org
Open in
urlscan Pro
2604:1580:fe00:0:dead:beef:cafe:fed1
Public Scan
URL:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-66d6c484f3
Submission: On August 16 via api from IL — Scanned from DE
Submission: On August 16 via api from IL — Scanned from DE
Form analysis 2 forms found in the DOM
Name: bodhi-searchbar —
<form id="bodhi-searchbar" name="bodhi-searchbar" class="mx-2">
<div class="typeahead__container">
<div class="typeahead__field">
<div class="typeahead__query">
<span class="typeahead__cancel-button">×</span><input class="bodhi-searchbar-input" name="bodhi-searchbar-input" placeholder="Search..." autocomplete="off">
</div><span class="typeahead__filter"><button type="button" class="typeahead__filter-button">All</button>
<ul class="typeahead__dropdown">
<li class="typeahead__dropdown-item group-packages"><a href="javascript:;">packages</a></li>
<li class="typeahead__dropdown-item group-updates"><a href="javascript:;">updates</a></li>
<li class="typeahead__dropdown-item group-users"><a href="javascript:;">users</a></li>
<li class="typeahead__dropdown-item group-overrides"><a href="javascript:;">overrides</a></li>
<li class="typeahead__dropdown-item group-all"><a href="javascript:;">All</a></li>
</ul>
</span>
</div>
</div>
</form><form>
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h3 class="modal-title" id="waiveModalLabel">Trigger Tests</h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
</div>
<div class="modal-body">
<div class="row">
<div class="col-sm-offset-2 col-sm-10">
<p>Confirm request to re-trigger tests.</p>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" class="btn btn-primary">Trigger new test run</button>
</div>
</div>
</div>
</form>Text Content
* Releases
* Updates
* Overrides
×
All
* packages
* updates
* users
* overrides
* All
* Login
stable
jansi-2.1.1-4.fc34 and log4j-2.16.0-1.fc34
FEDORA-2021-66d6c484f3 created by adamwill 8 months ago for Fedora 34
* Details
* Builds 2
* Bugs 1
* Automated Tests 2
This update provides log4j 2.16.0, to address the critical vulnerability
CVE-2021-44228 ("Log4Shell"). Note with 2.16.0, JNDI is entirely disabled by
default; to use it, you must set log4j2.enableJndi (please carefully consider
potential security issues before doing so).
The updated jansi adds (back) a feature, AnsiRenderer, which the newer log4j
requires; this is the only change to jansi.
For other changes in log4j 2.16.0, see the upstream changelog. Most changes are
compatible enhancements or bug fixes, but there may be some behaviour changes.
HOW TO INSTALL
sudo dnf upgrade --refresh --advisory=FEDORA-2021-66d6c484f3
This update has been submitted for testing by adamwill.
8 months ago
This update's test gating status has been changed to 'ignored'.
8 months ago
This update has been pushed to testing.
8 months ago
huzaifas commented & provided feedback 8 months ago
karma
works for me
BZ#2030945 CVE-2021-44228 log4j: log4j-core: Remote code execution in Log4j 2.x
when logs contain an attacker-controlled string value [fedora-all]
geraldosimiao provided feedback 8 months ago
karma
BZ#2030945 CVE-2021-44228 log4j: log4j-core: Remote code execution in Log4j 2.x
when logs contain an attacker-controlled string value [fedora-all]
This update can be pushed to stable now if the maintainer wishes
8 months ago
This update has been submitted for stable by bodhi.
8 months ago
This update has been pushed to stable.
8 months ago
--------------------------------------------------------------------------------
Please login to add feedback.
Metadata
Type
security
Severity
urgent
Karma
2
Signed
Content Type
RPM
Test Gating
no tests are required
Builds
2
jansi-2.1.1-4.fc34
log4j-2.16.0-1.fc34
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
BZ#2030945 CVE-2021-44228 log4j: log4j-core: Remote code execution in Log4j 2.x
when logs contain an attacker-controlled string value [fedora-all]
0
2
jansi-2.1.1-4.fc34 log4j-2.16.0-1.fc34
AUTOMATED TEST RESULTS
no tests are required
JANSI-2.1.1-4.FC34
fedora-ci.koji-build.rpminspect.static-analysis8 months ago
LOG4J-2.16.0-1.FC34
fedora-ci.koji-build.rpminspect.static-analysis8 months ago
FEDORA-2021-66D6C484F3
No results reported for this build.
TRIGGER TESTS
×
Confirm request to re-trigger tests.
Cancel Trigger new test run
Copyright © 2007-2022 Red Hat, Inc. and others.
Running bodhi-server 6.0.1 on bodhi-web-17-74wss.
bodhi is Free Software. Please file issues if you have any problems. Read the
documentation.
• Composes • Legal • Privacy policy •
INTERNAL SERVER ERROR!
The server encountered an internal error
Close