File _patchinfo of Package patchinfo.32175
<patchinfo incident="32175">
<issue tracker="bnc" id="1218601">L3: texlive-arara package contains vulnerable Log4J version</issue>
<packager>WernerFink</packager>
<rating>moderate</rating>
<category>recommended</category>
<summary>Recommended update for texlive-specs-a</summary>
<description>This update for texlive-specs-a fixes the following issues:
- Replace arara.jar in arara.tar.xz with a updated log4j to silent some simple
screening tools reporting vulnerable log4j version even if even log4j is not
used that way (bsc#1218601)
</description>
</patchinfo>