Package list libslf4j-java / ec36885
Add CVE-2018-8088.patch Markus Koschany 3 years ago
3 changed file(s) with 325 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all
0 From: Markus Koschany <apo@debian.org>
1 Date: Sun, 25 Mar 2018 20:14:24 +0200
2 Subject: CVE-2018-8088
3
4 ---
5 .../src/main/java/org/slf4j/ext/EventData.java | 305 ---------------------
6 1 file changed, 305 deletions(-)
7 delete mode 100644 slf4j-ext/src/main/java/org/slf4j/ext/EventData.java
8
9 diff --git a/slf4j-ext/src/main/java/org/slf4j/ext/EventData.java b/slf4j-ext/src/main/java/org/slf4j/ext/EventData.java
10 deleted file mode 100644
11 index dc5b502..0000000
12 --- a/slf4j-ext/src/main/java/org/slf4j/ext/EventData.java
13 +++ /dev/null
14 @@ -1,305 +0,0 @@
15 -/**
16 - * Copyright (c) 2004-2011 QOS.ch
17 - * All rights reserved.
18 - *
19 - * Permission is hereby granted, free of charge, to any person obtaining
20 - * a copy of this software and associated documentation files (the
21 - * "Software"), to deal in the Software without restriction, including
22 - * without limitation the rights to use, copy, modify, merge, publish,
23 - * distribute, sublicense, and/or sell copies of the Software, and to
24 - * permit persons to whom the Software is furnished to do so, subject to
25 - * the following conditions:
26 - *
27 - * The above copyright notice and this permission notice shall be
28 - * included in all copies or substantial portions of the Software.
29 - *
30 - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
31 - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
32 - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
33 - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
34 - * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
35 - * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
36 - * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
37 - *
38 - */
39 -package org.slf4j.ext;
40 -
41 -import java.io.Serializable;
42 -import java.io.ByteArrayInputStream;
43 -import java.io.ByteArrayOutputStream;
44 -import java.util.Date;
45 -import java.util.HashMap;
46 -import java.util.Iterator;
47 -import java.util.Map;
48 -import java.beans.XMLDecoder;
49 -import java.beans.XMLEncoder;
50 -import java.beans.ExceptionListener;
51 -
52 -/**
53 - * Base class for Event Data. Event Data contains data to be logged about an
54 - * event. Users may extend this class for each EventType they want to log.
55 - *
56 - * @author Ralph Goers
57 - */
58 -public class EventData implements Serializable {
59 -
60 - private static final long serialVersionUID = 153270778642103985L;
61 -
62 - private Map<String, Object> eventData = new HashMap<String, Object>();
63 - public static final String EVENT_MESSAGE = "EventMessage";
64 - public static final String EVENT_TYPE = "EventType";
65 - public static final String EVENT_DATETIME = "EventDateTime";
66 - public static final String EVENT_ID = "EventId";
67 -
68 - /**
69 - * Default Constructor
70 - */
71 - public EventData() {
72 - }
73 -
74 - /**
75 - * Constructor to create event data from a Map.
76 - *
77 - * @param map
78 - * The event data.
79 - */
80 - public EventData(Map<String, Object> map) {
81 - eventData.putAll(map);
82 - }
83 -
84 - /**
85 - * Construct from a serialized form of the Map containing the RequestInfo
86 - * elements
87 - *
88 - * @param xml
89 - * The serialized form of the RequestInfo Map.
90 - */
91 - @SuppressWarnings("unchecked")
92 - public EventData(String xml) {
93 - ByteArrayInputStream bais = new ByteArrayInputStream(xml.getBytes());
94 - try {
95 - XMLDecoder decoder = new XMLDecoder(bais);
96 - this.eventData = (Map<String, Object>) decoder.readObject();
97 - } catch (Exception e) {
98 - throw new EventException("Error decoding " + xml, e);
99 - }
100 - }
101 -
102 - /**
103 - * Serialize all the EventData items into an XML representation.
104 - *
105 - * @return an XML String containing all the EventData items.
106 - */
107 - public String toXML() {
108 - return toXML(eventData);
109 - }
110 -
111 - /**
112 - * Serialize all the EventData items into an XML representation.
113 - *
114 - * @param map the Map to transform
115 - * @return an XML String containing all the EventData items.
116 - */
117 - public static String toXML(Map<String, Object> map) {
118 - ByteArrayOutputStream baos = new ByteArrayOutputStream();
119 - try {
120 - XMLEncoder encoder = new XMLEncoder(baos);
121 - encoder.setExceptionListener(new ExceptionListener() {
122 - public void exceptionThrown(Exception exception) {
123 - exception.printStackTrace();
124 - }
125 - });
126 - encoder.writeObject(map);
127 - encoder.close();
128 - return baos.toString();
129 - } catch (Exception e) {
130 - e.printStackTrace();
131 - return null;
132 - }
133 - }
134 -
135 - /**
136 - * Retrieve the event identifier.
137 - *
138 - * @return The event identifier
139 - */
140 - public String getEventId() {
141 - return (String) this.eventData.get(EVENT_ID);
142 - }
143 -
144 - /**
145 - * Set the event identifier.
146 - *
147 - * @param eventId
148 - * The event identifier.
149 - */
150 - public void setEventId(String eventId) {
151 - if (eventId == null) {
152 - throw new IllegalArgumentException("eventId cannot be null");
153 - }
154 - this.eventData.put(EVENT_ID, eventId);
155 - }
156 -
157 - /**
158 - * Retrieve the message text associated with this event, if any.
159 - *
160 - * @return The message text associated with this event or null if there is
161 - * none.
162 - */
163 - public String getMessage() {
164 - return (String) this.eventData.get(EVENT_MESSAGE);
165 - }
166 -
167 - /**
168 - * Set the message text associated with this event.
169 - *
170 - * @param message
171 - * The message text.
172 - */
173 - public void setMessage(String message) {
174 - this.eventData.put(EVENT_MESSAGE, message);
175 - }
176 -
177 - /**
178 - * Retrieve the date and time the event occurred.
179 - *
180 - * @return The Date associated with the event.
181 - */
182 - public Date getEventDateTime() {
183 - return (Date) this.eventData.get(EVENT_DATETIME);
184 - }
185 -
186 - /**
187 - * Set the date and time the event occurred in case it is not the same as when
188 - * the event was logged.
189 - *
190 - * @param eventDateTime
191 - * The event Date.
192 - */
193 - public void setEventDateTime(Date eventDateTime) {
194 - this.eventData.put(EVENT_DATETIME, eventDateTime);
195 - }
196 -
197 - /**
198 - * Set the type of event that occurred.
199 - *
200 - * @param eventType
201 - * The type of the event.
202 - */
203 - public void setEventType(String eventType) {
204 - this.eventData.put(EVENT_TYPE, eventType);
205 - }
206 -
207 - /**
208 - * Retrieve the type of the event.
209 - *
210 - * @return The event type.
211 - */
212 - public String getEventType() {
213 - return (String) this.eventData.get(EVENT_TYPE);
214 - }
215 -
216 - /**
217 - * Add arbitrary attributes about the event.
218 - *
219 - * @param name
220 - * The attribute's key.
221 - * @param obj
222 - * The data associated with the key.
223 - */
224 - public void put(String name, Serializable obj) {
225 - this.eventData.put(name, obj);
226 - }
227 -
228 - /**
229 - * Retrieve an event attribute.
230 - *
231 - * @param name
232 - * The attribute's key.
233 - * @return The value associated with the key or null if the key is not
234 - * present.
235 - */
236 - public Serializable get(String name) {
237 - return (Serializable) this.eventData.get(name);
238 - }
239 -
240 - /**
241 - * Populate the event data from a Map.
242 - *
243 - * @param data
244 - * The Map to copy.
245 - */
246 - public void putAll(Map<String, Object> data) {
247 - this.eventData.putAll(data);
248 - }
249 -
250 - /**
251 - * Returns the number of attributes in the EventData.
252 - *
253 - * @return the number of attributes in the EventData.
254 - */
255 - public int getSize() {
256 - return this.eventData.size();
257 - }
258 -
259 - /**
260 - * Returns an Iterator over all the entries in the EventData.
261 - *
262 - * @return an Iterator that can be used to access all the event attributes.
263 - */
264 - public Iterator<Map.Entry<String, Object>> getEntrySetIterator() {
265 - return this.eventData.entrySet().iterator();
266 - }
267 -
268 - /**
269 - * Retrieve all the attributes in the EventData as a Map. Changes to this map
270 - * will be reflected in the EventData.
271 - *
272 - * @return The Map of attributes in this EventData instance.
273 - */
274 - public Map<String, Object> getEventMap() {
275 - return this.eventData;
276 - }
277 -
278 - /**
279 - * Convert the EventData to a String.
280 - *
281 - * @return The EventData as a String.
282 - */
283 - @Override
284 - public String toString() {
285 - return toXML();
286 - }
287 -
288 - /**
289 - * Compare two EventData objects for equality.
290 - *
291 - * @param o
292 - * The Object to compare.
293 - * @return true if the objects are the same instance or contain all the same
294 - * keys and their values.
295 - */
296 - @SuppressWarnings("unchecked")
297 - @Override
298 - public boolean equals(Object o) {
299 - if (this == o) {
300 - return true;
301 - }
302 - if (!(o instanceof EventData || o instanceof Map)) {
303 - return false;
304 - }
305 - Map<String, Object> map = (o instanceof EventData) ? ((EventData) o).getEventMap() : (Map<String, Object>) o;
306 -
307 - return this.eventData.equals(map);
308 - }
309 -
310 - /**
311 - * Compute the hashCode for this EventData instance.
312 - *
313 - * @return The hashcode for this EventData instance.
314 - */
315 - @Override
316 - public int hashCode() {
317 - return this.eventData.hashCode();
318 - }
319 -}
320 \ No newline at end of file
00 slf4j-api-MANIFEST.patch
11 disable-MultithreadedInitializationTest.patch
2 CVE-2018-8088.patch
99 slf4j-api/src/main/resources/META-INF/MANIFEST.MF | 1 -
1010 1 file changed, 1 deletion(-)
1111
12 diff --git a/slf4j-api/src/main/resources/META-INF/MANIFEST.MF b/slf4j-api/src/main/resources/META-INF/MANIFEST.MF
13 index def3812..765a0ce 100644
1214 --- a/slf4j-api/src/main/resources/META-INF/MANIFEST.MF
1315 +++ b/slf4j-api/src/main/resources/META-INF/MANIFEST.MF
14 @@ -8,4 +8,3 @@
16 @@ -8,4 +8,3 @@ Export-Package: org.slf4j;version=${parsedVersion.osgiVersion},
1517 org.slf4j.spi;version=${parsedVersion.osgiVersion},
1618 org.slf4j.helpers;version=${parsedVersion.osgiVersion},
1719 org.slf4j.event;version=${parsedVersion.osgiVersion}