- Update to 2.13.2 [bsc#1170535, CVE-2020-9488]
* Bugfixes and minor enhancements:
- CVE-2020-9488: Improper validation of certificate with host mismatch
in Apache Log4j SMTP appender.
- Implement requiresLocation in GelfLayout to reflect whether location
information is used in the message Pattern.
- Add option to restore printing timeMillis in the JsonLayout.
- Initialize pattern processor before triggering policy during reconfiguration.
- Add information about using a url in log4j.configurationFile.
- serializeToBytes was checking wrong variable for null.
- Fix Javadoc for ScriptPatternSelector.
- Allow trailing and leading spaces in log level.
- Correct JsonLayout timestamp sorting issue.
- Allow the file size action to parse the value without being sensitive
to the current locale.
- Make YamlLayoutTest more resiliant to environmental differences.
- Conditionally allocate PluginEntry during PluginCache loading.
- Add missing includeLocation parameter when creating AsyncLogger.
- Fix Exceptions when whitespace is in the file path and Java security
manager is used.
- Avoid NullPointerException when StackWalker returns null.
- TimeFilter did not handle daylight saving time transitions and did
not support a range over 2 days.
- Provide a Log4j implementation of System.Logger.
- Added EventLookup to retrieve fields from the log event.
* Changes:
- Allow the file extension in the file pattern to be modified during reconfiguration.
- Add support for specifying an SSL configuration for SmtpAppender.
- Allow servlet context path to be retrieved without "/".
- Allow Spring Lookup to return default and active profiles.