Update Info

openSUSE-2022-38

Security update for kafka

Type: security
Severity: important
Issued: 2022-02-16
Description:
This update for kafka, kafka-kit fixes following issues:


- Remove JDBCAppender, JMSSink, chainsaw from log4j jars during build to
  prevent bsc#1194842, CVE-2022-23302, bsc#1194843, CVE-2022-23305,
  bsc#1194844, CVE-2022-23307

- Rebuild with kafka-kit change to
  Remove JMSAppender from log4j jars during build to
  prevent bsc#1193662, CVE-2021-4104

References

Packages

  • kafka-kit-2.1.0-bp153.2.6.1
  • kafka-2.1.0-bp153.2.6.1