Ubuntu Security Notice 5998-1 - It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code.
0e9670eb797b9ec131a46bb75f321c8da3450087baa95b89a755d534ca79e9f4