log4j-jcl-2.13.0-4.6.1 >  A aPp9|S6C<rZ ۑuoXg[|jyT<.][ytMFFrG;u37>x؛tV[{Rf}OB};g#,) ]-*}W+O\<$(!Rϩ r7>a?TI+/9J͓ˮɜA5^M- X6.BK}XF NǤgY]JmpFdݐ[nXyk.65346b62785f86a8b7644bdf52b719532341c683cfda6f9a5a3c88e52f562e86a5cd86b58dbc0e0fbf9b7ab683e7c97f2fecbd20dAxaPp9|LJ>?gNL Yl1߾B w "GZ)"jZmj^bZF91sOűUÝɣXgL4ӽyztŃ/ڋM#i̞3R_"|hPmZ Ž<_8Gp>?td   =dhpt  & 0 D   $=Vt ,(+849x:FGHIXY\] ^Bbcbdefluvwxyz$(.pClog4j-jcl2.13.04.6.1Apache Log4j Commons Logging BridgeApache Log4j Commons Logging Bridge.a'goat14?+SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Unspecifiedhttp://logging.apache.org/log4jlinuxnoarch(A큤A큤a a a a a fa33a89a8f93bb1e05b22da8ac6b70a9c1b1ea9ee34885f6551f8a95f1b9342c2b83f8ac80709ce2a2bd370e535780ee3e396e33605a314c46ef53f641906d31f30d6ae1cb5c041805d2057c112f25451fbdb00162a49adc5bdd2e9812a83287rootrootrootrootrootrootrootrootrootrootlog4j-2.13.0-4.6.1.src.rpmlog4j-jclmvn(org.apache.logging.log4j:log4j-jcl)mvn(org.apache.logging.log4j:log4j-jcl:pom:)osgi(org.apache.logging.log4j.jcl)@ @@@    java-headlessjavapackages-filesystemmvn(commons-logging:commons-logging)mvn(org.apache.logging.log4j:log4j-api)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)1.82.13.03.0.4-14.6.0-14.0-15.2-14.14.1a@aA@^@^V]^&^!@]]?\G\=@\I[u[Xf@ZV@Y@TPTPpsimons@suse.compsimons@suse.compmonrealgonzalez@suse.comfstrba@suse.compmonrealgonzalez@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.combwiedemann@suse.comfstrba@suse.comtchvatal@suse.comtchvatal@suse.com- Apply "disable-jndi-by-default.patch" to disable JNDI support by default. There is evidence that the previous upstream fix for CVE-2021-44228 did not solve the vulnerability entirely. Since JNDI support is ususally not required, upstream recommends this route to be completely safe. [bsc#1193611, CVE-2021-44228]- Apply "CVE-2021-44228.patch" to fix a remote code execution vulnerability that existed in the LDAP JNDI parser. [bsc#1193611, CVE-2021-44228]- Security fix: [bsc#1170535, CVE-2020-9488] * Improper validation of certificate with host mismatch in SMTP appender. - Add log4j-CVE-2020-9488.patch- Added patches: * logging-log4j-LOG4J2-2745-LOG4J2-2744-slf4j.patch * logging-log4j-Remove-unsupported-EventDataConverter.patch + fix build with newer slf4j- Update to 2.13.0 [bsc#1159646, CVE-2019-17571] * Bugfixes and minor enhancements: - CVE-2019-17571: Remote code execution: Deserialization of untrusted data in SocketServer - Log4j 2 now requires Java 8 or higher to build and run. - Better integration with Spring Boot by providing access to Spring variables in Log4j 2 configuration files and allowing Log4j 2 system properties to be defined in the Spring configuration. - Support for accessing Kubernetes information via a Log4j 2 Lookup. - The Gelf Layout now allows the message to be formatted using a PatternLayout pattern. - Due to a break in compatibility in the SLF4J binding, Log4j now ships with two versions of the SLF4J to Log4j adapters. - log4j-slf4j-impl should be used with SLF4J 1.7.x and earlier and log4j-slf4j18-impl should be used with SLF4J 1.8.x and later. - Note that the XML, JSON and YAML formats changed in the 2.11.0 release: they no longer have the "timeMillis" attribute and instead have an "Instant" element with "epochSecond" and "nanoOfSecond" attributes. - The Log4j 2.13.0 API, as well as many core components, maintains binary compatibility with previous releases. * New Features - Add ThreadContext.putIfNotNull method. - Add a Level Patttern Selector. - Add experimental support for Log4j 1 configuration files. - Add the ability to lookup Kubernetes attributes in the Log4j configuration. Allow Log4j properties to be retrieved from the Spring environment if it is available. - Allow Spring Boot application properties to be accessed in the Log4j 2 configuration. Add lower and upper case Lookups. - Add builder pattern to Logger interface. * Fixed Bugs - Prevent recursive calls to java.util.LogManager.getLogger(). - Added try/finally around event.execute() for RingBufferLogEventHandler to clear memory correctly in case of exception/error. - Wrong java version check in ThreadNameCachingStrategy. - Use a less confusing name for the CompositeConfiguration source. - Add setKey method to Kafka Appender Builder. - ArrayIndexOutOfBoundsException could occur with MAC address longer than 6 bytes. - The rolling file appenders would fail to compress the file after rollover if the file name matched the file pattern. - @PluginValue does not support attribute names besides "value". - Validation blocks definition of script in properties configuration. - Set result of rename action to true if file was copied. - Add automatic module names where missing. - OutputStreamAppender.Builder ignores setFilter(). - Prevent a memory leak when async loggers throw errors. * Changes - Update Jackson to 2.9.10. - Allow message portion of GELF layout to be formatted using a PatternLayout. - Allow ThreadContext attributes to be explicitly included or excluded in the GelfLayout.- Obsolete log4j-mini, since on systems where this package is installed, the log4j-mini is not supposed to exist, but the compatibility version log4j12-mini/log4j12- Run fdupes on the javadoc- Upgrade to apache-log4j-2.11.1 - Drop the log4j vs. log4j-mini split * the bootstrapping is done using the log4j12/log4j12-mini compatibility packages - Removed patches: * log4j-javadoc-xlink.patch * log4j-logfactor5-userdir.patch * log4j-mx4j-tools.patch * log4j-reproducible.patch + unnecessary with this version- Build against a generic javamail provider instead of against classpathx-mail- Let log4j provide the log4j-mini and obsolete it too. - Remove conflicts on each other- Depend on the generic xml-apis- Install and package the maven pom and metadata files for the non-bootstrap log4j- Require at least java 8 for build- Add log4j-reproducible.patch to drop javadoc timestamps to make package builds more reproducible (boo#1047218)- Specify java source and target level 1.6 to allow building with jdk9- Version bump to 1.2.17 latest 1.2 series: * No short changelog provided - many small changes - Try to avoid cycle between log4j and apache-common-loggings - Remove obsoleted patch: * log4j-jmx-Agent.patch - Refresh patch to apply to new source: * log4j-mx4j-tools.patch- Cleanup with a spec-cleaner so I can understand what is going around here.goat14 16395062152.13.0-4.6.12.13.02.13.02.13.0log4jlog4j-jcl.jarlog4j-jcl.xmllog4jlog4j-jcl.pom/usr/share/java//usr/share/java/log4j//usr/share/maven-metadata//usr/share/maven-poms//usr/share/maven-poms/log4j/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22206/SUSE_SLE-15-SP2_Update/daf45af0bb7dccf3093efee56e63c05d-log4j.SUSE_SLE-15-SP2_Updatecpioxz5noarch-suse-linuxdirectoryASCII text, with CRLF line terminators (Zip archive data, at least v2.0 to extract Zip archive data, at least v2.0 to extract)XML 1.0 document, ASCII textXML 1.0 document textPPPRRRRP2Yyg!qlutf-8b5fed462a9362fba9ecf1c7a8613a8e402d3ddac162e50f6477716a25d1e6587? 7zXZ !t/B] crt:bLL 2,I5@i6+v| ȪjR> eS2GAN:- & Wk+,ڌ#^`s9bQ%Yr$8:-tÝLv*VӘ`bceqyOT&&A6\<&$χ@aR{" :>U )Tph)ܦH ozf\EX44/jGog*źxIoo|u,45ߚ7jMnBxV8|9 0:n͆SbpR^]$ ^:f94D QU`H> 7YܵHJ752ny."JS:I6Х:FaqĎj=g.kK5ǀri QXXM#,ԢO^Oin‡sЂ /_y~VRxI)?g`j{{3*MUq>6?e}L36?G*%l N?ih΄nK[I"iRU#]ݶx } V 1ߧ deJQVfwclR/g@ݗ;Ƈ=h$!AⷚHER}>z hk| Ԝp|+"2[I8ST TUf.TM0&F}] !AVkE->ʓ\~ȤawAB7jQH :Jx!H.͋٦Asr[ HʳfP0Zmz!$8Jaww%Jfܹ103\ΈQ]ؠ꿓G+.mn8MDOpl%H\GV8GĹSbPè3rra wkN3Wv9bo]nIQR"3hD2M9&`ojy9m /(-%{-TT&8}摳,iIyZu) Jo\x_AV~AK]ރgayZ<Έ/ s8l{&ǚLFV [*|JY ޾-{6m6x( H'֧)'[Ivp bA88s\i\ab.(dh7 M6$yr>mqڦ;|W=ώu]^E%I\`lۈcH/zo< ܿ\b;Dx,0?6A݈׾ g 1i˸ ߸nu{V!n&wSx-` X81ų9 t.OKfUH ];m6{7~=:NHX70 F}$ѥBz]pFgۈ"ԕJO=igK^sF1`Muw;z-̵tѹ`Guߟ*Lsi`3HK<`+ FڦwOg5U& .D`))ɅG"_>@! wM sڪtEH,F9ёxU 2NZQ(/yۓO,;x;<Ⱅ"fد U~OS.Q36S*N2~o+}7.<+٭LN2(ݻ ;:+"McM<2_κ&F=ܖ3(|%z =[ýsbE_rEV? (lsH=) z:Հ & ! \Z8YX$V£ l4(ųdL0R*<vq7+'˖ƞS%Ko٫MZ2׮-N%'R\])V3cDqm2BjC~fA7v W8-w JƠ^DcQpY0CUi̚eZwէz%zSR+#} *^}nG B\:I|&i2v ^]]&+V͖LXH;!#<4 ӓˤD~:ΐ.\!&Dzvp%t\I|y"=*.wJh'.1 `5ftaKhV~}ap9Y$įZw=>4٦ E#ߓۻ 'oKk'j)66{\i4/(i y(u(Ko`p˳sX/iR I5, )-y"lb=vԔ_$B;|^d ^GՐD>tj 9ؼ8MU/R]P7(bmxj =) ]#ɍ€$@O Os WsZqp909(+>vx#[(X.0"Og\&849̜ RXJvZ,Qoq(}W:]+ZˉD`=I>-ć:9)T[CJwZ/B_m)Z»=2dan޵"KkF ,.Iπ/6QG;8AfQҽ(.Yn-ܠPM@VwzrnyKዔدڭUǤ&pRV"L-`0oṮ#m@$a8>һ~ -fsVt Lr P"Fƻ@+L1 =6!)Q;@,þ_CΦ4D[Mh"64"RJ/x;ϯJ/h DaE{9Jkp9IǞ4`fU2&m!(*Xr.,f#e#JejMktY[[ N}aF8^a1/ra59`H G  ^rj1x'^ķ{wQSb +~ 7wK\* 92q@$FcJꚓ21 Ϭǥޑ6OM7u_[u:zl??gR^JY \MkScyrE.0AiaZ TjaKq%DgCu+o!ii4@3 !y\qGݑԭXɔMa=}ނ8^> MdVP;^7?d2^E򈨥:+9`m )~`ojs/lඩpVfC$|E?$fٔc3 .h䶆"|u/!P5Xc.:8[_}!:d]|$~@RI#-ؐuzQbE?ٷlnD$M*,Z CвY/Tu 5G h `"#U~>DkЮA4(laToP*D{Q|@jqu<`Rzdw}Z"&ӏv` 2SöVeJd&Ň2zgUg "JVv?Fe$Է)YLKCTK D%3jr&kIpI Sj*e>\ ś\jNANMn/H4Oq(Otci49^pQه=mLU&3Z{3d^= Ʃ<[hrawR?Oq8҉m^$/K6 *NS: $MbI|IUESBU. z4qLjLͥ< ?(TgU\uʐG"0[W`6+G .),-eل̲6(ݓmt܋1'y3J ~Tl[>1q @0Y/a/͸†`zPG txLwM>|؃@yUDƣi{)d&Nb`L woEݯ j h4)]r83&pe]ξ^0VF# IW ںjb{ݕgRG(@U$|ɇVo|C/]0fTU 1i3:{|STLW\ѷ>pΫIVͯU_1;){$be#s ގZ/z d÷O`ODhWqE-9z(^a"2~$TF"G-=?Ldgç4\ 3s)DKolzºIK{A5( JSA{V+jfZPj]LBk d{b~IeO ^\@nZ_"JƺI Cd]' wy( jtCHq2b} d=ef\k$Yml,Q-+؇?'Z}Nc\l8𧦿eO%BKYkN:}ڪh0!޴30~)Z3&ԬpN} +̑[+8?f頧 /+e! ub'IalQ/8B[kJ-Rl`ʼGu;+e΄UbuMgEM˕FH=e2 Q J(D7Į윩J)D>bbD.m,N..Y,]v*$@閹%={D!u!Ğ ʄh̚% 8vO4B0}WoSIL3FJLI:Q鳰Eh"\kKҸ_'5-wpE3mv ɅR(`3=T5x(Xz, v/tE9~ !v2 *,/>ht#e]>ӽT-hśXF;}UdmPY.>5Pm}|\|*$Tg/"?͇wьk2L.akppuQI:\RaWd5&]DAgQCpAxVZ1=/9ĮrBW6=b9/R`0Ģ 7sש\vƧcoJ,/ԛrؖyC< ;Z:]7:@L, (%pe-w@ޚ Qd%~_5Ip^/u U:R޾Ϋ:Y],@7)7b:=_3.a #hpbUP]͐T%`xxϚfX3RF67f,a-q-{ sT!G-?aR r[S=LsTŘ`\y&`m4ү]XZz7T{+_P&V &t_;uѿ\ĔwYE@8T0`p}W!M4y;c il[eF-f( U*Ox/%NKl@ټS"@|ߛ%vƱ|m=P\N}KH7@w]~ gvO6=$NNlwyﭥjTKoAtBz %D{/|4dbE*+&Z%GrD:.RUf6+%$RC#Dx ~w%Jugk;+H~8s1QY0PPk%N_ `nxg}`B q}g HD3>}\΀p$UsL}<^ę=״)BLB~iH,_:2wH{4HVx:C i| eFwpmV#IB ghK%ɷ {k ؚfPki; jƳ,`px,"iLn1`?b^,gI:bNv=}ho}7 m^nYgxz.X6ʶhFm%5fKȣبyH9(}]Dž3ۙdÄUܴJ,> #4L}9(X! K#Y02IŝA<6m⍅I$BiBey `7xԔ"%󴵃o+OcHR.M7p67|mʏdߟUI]\(3 (Uy;0*DOA3{d%wN;ZF-$0IT{i N?iԠ˖c CHz_9]lQ8j0D,}[fgwp/A)~  Tu겎lt8؞Xx O! ғ+aM:=?+ YZ