subject:"UPDATE\: security\/zaproxy 2.11.1 \-> 2.12.0 \(log4j update, and HTML injection fix\)"

Re: UPDATE: security/zaproxy 2.11.1 -> 2.12.0 (log4j update, and HTML injection fix)

2023-05-24 Thread Michael Dinon

On Tuesday, May 23, 2023, Ashlen wrote: > Release notes: > https://www.zaproxy.org/blog/2022-10-27-zap-2-12-0-the-ten- > thousand-star-release/ > > JVM 11+ is now a requirement. log4j was updated from 2.15.0[!] to > 2.19.0. An HTML injection vulnerability is patched in this release. > > Builds

UPDATE: security/zaproxy 2.11.1 -> 2.12.0 (log4j update, and HTML injection fix)

2023-05-23 Thread Ashlen

Release notes: https://www.zaproxy.org/blog/2022-10-27-zap-2-12-0-the-ten-thousand-star-release/ JVM 11+ is now a requirement. log4j was updated from 2.15.0[!] to 2.19.0. An HTML injection vulnerability is patched in this release. Builds and runs OK for the most part. zaproxy.sh was a bit