This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/logging-log4j-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new a3cb486 [LOG4J2-2819] update security page for CVE-2020-9488 fix
backported to 2.12.3
a3cb486 is described below
commit a3cb4862a6476793c3ece81208fd33c78ccfe7db
Author: Remko Popma <[email protected]>
AuthorDate: Thu Dec 23 13:07:19 2021 +0900
[LOG4J2-2819] update security page for CVE-2020-9488 fix backported to
2.12.3
---
log4j-2.17.0/security.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/log4j-2.17.0/security.html b/log4j-2.17.0/security.html
index 0be2913..9be6574 100644
--- a/log4j-2.17.0/security.html
+++ b/log4j-2.17.0/security.html
@@ -342,7 +342,7 @@
<li><a class="externalLink"
href="https://issues.apache.org/jira/browse/LOG4J2-3201";>https://issues.apache.org/jira/browse/LOG4J2-3201</a></li>
<li><a class="externalLink"
href="https://issues.apache.org/jira/browse/LOG4J2-3198";>https://issues.apache.org/jira/browse/LOG4J2-3198</a>.</li>
</ul></section></section><section>
- <h2><a name="Fixed_in_Log4j_2.13.2_.28Java_8.29"></a><a
name="log4j-2.13.2"></a> Fixed in Log4j 2.13.2 (Java 8)</h2>
+ <h2><a name="Fixed_in_Log4j_2.13.2_.28Java_8.29"></a><a
name="log4j-2.13.2"></a> Fixed in Log4j 2.13.2 (Java 8) and 2.12.3 (Java 7)</h2>
<p><a name="CVE-2020-9488"></a><a name="cve-2020-9488"></a> <a
class="externalLink"
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488";>CVE-2020-9488</a>:
Improper validation of certificate with host mismatch in Apache Log4j SMTP
appender.</p>
<table border="0" class="table table-striped">
<thead>
