[CentOS-devel] Fw: [CentOS-announce] CESA-2022:0442 Important CentOS 7 log4j Security Update

Wed Mar 2 15:00:15 UTC 2022
Kumar, Sanjeev <sanjeev.kumar at bia-boeing.com>

Hi John (Johnny Hughes),

Is there a way to get this latest log4j 1.2.17 version be certified as a supported version in the Tenable Plugin Alert as seen below:

https://www.tenable.com/plugins/nessus/156032

Since the fix is officially deployed in the mirrors, wouldn't that make the 1.2.17 version a supported version for the nessus plugin?

Regards,
Sanjeev
________________________________
From: CentOS-announce <centos-announce-bounces at centos.org> on behalf of Johnny Hughes <johnny at centos.org>
Sent: Monday, February 7, 2022 11:47 AM
To: centos-announce at centos.org <centos-announce at centos.org>
Subject: [CentOS-announce] CESA-2022:0442 Important CentOS 7 log4j Security Update

Warning: Replies to this message will go to centos-announce-bounces at centos.org. If you are unsure this is correct please contact the helpdesk.

CentOS Errata and Security Advisory 2022:0442 Important

Upstream details at : https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Faccess.redhat.com%2Ferrata%2FRHSA-2022%3A0442&data=04%7C01%7Csanjeev.kumar%40bia-boeing.com%7C5bf3fa5591e44bedd6b508d9ea59cd9e%7C930618188e444a1190d0a066b65d501d%7C0%7C0%7C637798493690756156%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=L31Vj6dN0D4ddRNppFNaHdZkK0YU37RRqTNnokMjQgI%3D&reserved=0

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
1b461b4e217ac5f51d8990aad583c7f189e73fd3220a54053124772b83c42eba  log4j-1.2.17-18.el7_4.noarch.rpm
e4950b148639895cb3ed78b8a00c0708abe4685bd380e0003ebeb947ea1edc42  log4j-javadoc-1.2.17-18.el7_4.noarch.rpm
7bbf77456d5e310210c4bd541fee70097c26568f34f44184c878e5874e2b57f1  log4j-manual-1.2.17-18.el7_4.noarch.rpm

Source:
c4224181672eede65a1b3d8f829c9ed475cade9b7234f58c03994f39459ca732  log4j-1.2.17-18.el7_4.src.rpm



--
Johnny Hughes
CentOS Project { https://usg02.safelinks.protection.office365.us/?url=http%3A%2F%2Fwww.centos.org%2F&data=04%7C01%7Csanjeev.kumar%40bia-boeing.com%7C5bf3fa5591e44bedd6b508d9ea59cd9e%7C930618188e444a1190d0a066b65d501d%7C0%7C0%7C637798493690756156%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=4EqU%2FPDMqOq6tWmMyHP5Cxh6z4bHuv6FBW1KYvI%2BwjE%3D&reserved=0 }
irc: hughesjr, #centos at libera.chat
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce at centos.org
https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Flists.centos.org%2Fmailman%2Flistinfo%2Fcentos-announce&data=04%7C01%7Csanjeev.kumar%40bia-boeing.com%7C5bf3fa5591e44bedd6b508d9ea59cd9e%7C930618188e444a1190d0a066b65d501d%7C0%7C0%7C637798493690756156%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=2%2FBrLBqnLaQNRJyx%2FCgPaGE858BrqW%2FO8RD1KUyGm2o%3D&reserved=0

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20220302/84b874a9/attachment-0002.html>