CVE-2017-5645: In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Please fix it.
Last update: 2019-10-21
Standards version of the package is outdated.
The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.5.0 instead of