tag 860489 + pending thanks Some bugs in the apache-log4j2 package are closed in revision 799b96337bcf909193aa76c6090ba511c05b64f6 in branch 'master' by Emmanuel Bourg
The full diff can be seen at https://anonscm.debian.org/cgit/pkg-java/apache-log4j2.git/commit/?id=799b963 Commit message: Fixed CVE-2017-5645: Remote code execution with the TCP/UDP socket server (Closes: #860489)
