Skip to content

Opencast 10.8
Compare
Choose a tag to compare
@gregorydlogan gregorydlogan released this 19 Dec 03:31
· 5091 commits to develop since this release
10.8
This tag was signed with the committer’s verified signature.
gregorydlogan Greg Logan
GPG key ID: DECD6379D9BA636C
Learn about vigilant mode.
dc84ca2
This commit was signed with the committer’s verified signature.
gregorydlogan Greg Logan
GPG key ID: DECD6379D9BA636C
Learn about vigilant mode.

This release contains a security fix:

Further mitigation for Log4Shell (CVE-2021-45105)
Like the previous release, this is an out-of-order patch to address and resolve a further vulnerability discovered by security researchers. Unlike the previous release, it not only provides an updated version of Pax Logging, but also entirely removes the replaced bundles from Opencast's assemblies to avoid confusion if people do find the old, vulnerable version of Log4J somewhere on the filesystem, even though it is not used.

Assets 8