On Mon, Dec 27, 2021 at 07:30:38PM +0000, L Dimov wrote: > Hello, > > I am on Debian 11 Stable with only main repositories. I got a note in PDFsam > Basic that it needs to be updated due to a vulnerability. But running apt-get > update and apt-get upgrade does not upgrade PDFsam Basic (it is 4.2.2-1 and > needs to go to 4.2.10 apparently: > https://blog.pdfsam.org/pdfsam-basic/pdfsam-and-log4j2-vulnerability/2286/). > I thought that anything in the main repositories of the stable version of > Debian gets security updates - is this not the case? And if I uninstall and > reinstall PDFsam Basic I assume I will still get the version in the repos, > which is the old one. > > Thanks, > Luben >
The fully fixed version in in Debian Unstable. The copy in Stable Debian 11 uses the system libraries for log4j whihc were recently patched, I think. All the very best, as ever, Andy Cater