Accepted log4cxx 0.11.0-2+deb11u1 (source) into oldoldstable-security

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted log4cxx 0.11.0-2+deb11u1 (source) into oldoldstable-security
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 04 Oct 2025 22:20:22 +0000
Message-id: <[🔎] E1v5Ac2-00CFoB-2t@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 28 Sep 2025 22:25:47 +0200
Source: log4cxx
Built-For-Profiles: noudeb
Architecture: source
Version: 0.11.0-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Tobias Frost <tobi@debian.org>
Changed-By: Lukas Märdian <slyon@debian.org>
Closes: 1111879 1111881
Changes:
 log4cxx (0.11.0-2+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Security fixes for CVE-2025-54812 & CVE-2025-54813 from upstream:
     - d/p/CVE-2025-54812*: (Closes: #1111879)
       + Escape any logger name '&' or '"' in html attribute data (PR#509)
       + Escape any thread name '&' or '"' in html attribute data (PR#514)
     - d/p/CVE-2025-54813*: (Closes: #1111881)
       + Escape control characters in JSONLayout data (PR#512)
Checksums-Sha1:
 0e6ccd464a6af39c418fcf0f6188a812a64c064d 2144 log4cxx_0.11.0-2+deb11u1.dsc
 646b66740d176383257de3ffedc68ca2892afb18 1145075 log4cxx_0.11.0.orig.tar.gz
 2d0919b35e2da450976176e50c1ff4a33394a456 35096 log4cxx_0.11.0-2+deb11u1.debian.tar.xz
 a4f2cb33c2a70f2a388b74c015925524c735d649 8176 log4cxx_0.11.0-2+deb11u1_source.buildinfo
Checksums-Sha256:
 b9132fe6c2688ddea89478c7abc538a3da5898570bfe47f0b1508c281fd8452e 2144 log4cxx_0.11.0-2+deb11u1.dsc
 c316705ee3c4e5b919d3561d5f305162d21687aa6ae1f31f02f6cdadc958b393 1145075 log4cxx_0.11.0.orig.tar.gz
 68ead78b68bc8efe696d7e20f55ea7ff5d99725cd88413ed6405f16dee94b894 35096 log4cxx_0.11.0-2+deb11u1.debian.tar.xz
 8f73fb62c6066081075615f6eb94bf932faed6c435e0ab80e2f5eedec1f509c9 8176 log4cxx_0.11.0-2+deb11u1_source.buildinfo
Files:
 46c7e7fc5debe7301b8d110d1157f113 2144 devel optional log4cxx_0.11.0-2+deb11u1.dsc
 bf8d5e2a1356ae593c952e45bf96c5d9 1145075 devel optional log4cxx_0.11.0.orig.tar.gz
 3d18b79bc2ae5645c1f0e1a81982b20b 35096 devel optional log4cxx_0.11.0-2+deb11u1.debian.tar.xz
 48727bc4ccef13cd71647b603cea2e59 8176 devel optional log4cxx_0.11.0-2+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEco7DU8UfXhRO0oCBM4dveyhIiTsFAmjhmJIACgkQM4dveyhI
iTsxuQ/9E55I2tribhuYi+aJGo8zxrhK3xm48IeytxHI4z2+6Es7QVbo9Zqu8Xhb
6wcxw1lujMB6RNm9ml5MJ+ghbm95KVYtj2V4TdnDf+iQVUCbgtrwMtuySWuRAJ5C
y7qKXHWluPF6RNWD2EazmkLyXAbmX0jDF/xj/Iz14p/rK2DMZCsQMJF/hIJvbn3q
rCh9ap6GfBU0zwhFMkdFrpu5flmUj/0fqyHFIfGddoY+9qo8fk6rt31f0qv+9V1v
KeqDhIuN7APAZ6UxYZpKUWSrk2AZVmBRImufQJ0zNhnhf49LqjCX0F9osNCOsJIg
/RuP0uPlCeDy7BiGDFBdC/ZqDeG5rMqFa3CqMHNnC0Zwp0IpmXjjfx5xiPlcUGS8
e7YzXlpxZv5+dzNjdlHbLLRSpLmsV7zpdcx2m4gmNZMzDrrfL0BUkvB+KvpODT2o
y+gojxO4eyS2WZaG/ilYR5zYIeGUFT/kZdpRYPtYjLdJZ8kOFgpvzQyjbw+5W7z1
GemZF1czC4n04KwTi4yttQfH1lkgNoIffDNwSnnFd1DsY89sPcKDfcQGWVVydGqs
ReCOllNQHCGj61cK+fL4cIQv6uh0Odn54WVGGua0WBMB2kJLr9k5QTUovfHnMvOR
q/WTnICDmlFN3cBvFGC5FqmiTvPj+5mmXZ/gQ5ErdtnEXglpy8M=
=LpHc
-----END PGP SIGNATURE-----

Attachment: pgpg_kxxh5_gU.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted openssl 1.1.1w-0+deb11u4 (source) into oldoldstable-security
Previous by thread: Accepted openssl 1.1.1w-0+deb11u4 (source) into oldoldstable-security
Index(es):
- Date
- Thread