Security update for slf4j
This update for slf4j fixes the following security issue:
- CVE-2018-8088: Remote attackers could have bypassed intended access
restrictions via crafted data. Disallow EventData deserialization by default
from now on (bsc#1085970).
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1085970
VUL-0: CVE-2018-8088: slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution
