1
Candidate: CVE-2018-8088
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8088
5
https://github.com/qos-ch/slf4j/commit/d2b27fba88e983f921558da27fc29b5f5d269405
6
https://jira.qos.ch/browse/SLF4J-430
7
https://jira.qos.ch/browse/SLF4J-431
9
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before
10
1.8.0-beta2 allows remote attackers to bypass intended access restrictions
14
leosilva> fix provided by upstream seems not to fix, instead use fix provide by Fedora.
15
leosilva> class was removed in bionic
22
Patches_libslf4j-java:
23
patch: https://src.fedoraproject.org/cgit/rpms/slf4j.git/diff/0001-Disallow-EventData-deserialization-by-default.patch?id=d7cd96bc7a8e8d8d62c8bc62baa7df02cef56c63
24
upstream_libslf4j-java: needs-triage
25
precise/esm_libslf4j-java: DNE
26
trusty_libslf4j-java: needed
27
xenial_libslf4j-java: needed
28
artful_libslf4j-java: needed
29
bionic_libslf4j-java: not-affected
30
devel_libslf4j-java: needs-triage