FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
b0f49cb9-6736-11ec-9eea-589cfc007716	OpenSearch -- Log4Shell OpenSearch reports: CVE-2021-45046 was issued shortly following the release of OpenSearch 1.2.1. This new CVE advises upgrading from Log4j 2.15.0 (used in OpenSearch 1.2.1) to Log4j 2.16.0. Out of an abundance of caution, the team is releasing OpenSearch 1.2.2 which includes Log4j 2.16.0. While there has been no observed reproduction of the issue described in CVE-2021-45046, Log4j 2.16.0 takes much more extensive JNDI mitigation measures. Discovery 2021-12-14 Entry 2021-12-27 opensearch < 1.2.2 CVE-2021-45046 https://opensearch.org/blog/releases/2021/12/update-1-2-2/

VuXML ID

Description

b0f49cb9-6736-11ec-9eea-589cfc007716

OpenSearch -- Log4Shell

OpenSearch reports:

CVE-2021-45046 was issued shortly following the release of OpenSearch 1.2.1. This new CVE advises upgrading from Log4j 2.15.0 (used in OpenSearch 1.2.1) to Log4j 2.16.0. Out of an abundance of caution, the team is releasing OpenSearch 1.2.2 which includes Log4j 2.16.0. While there has been no observed reproduction of the issue described in CVE-2021-45046, Log4j 2.16.0 takes much more extensive JNDI mitigation measures.

Discovery 2021-12-14
Entry 2021-12-27
opensearch

< 1.2.2

CVE-2021-45046
https://opensearch.org/blog/releases/2021/12/update-1-2-2/