Explore top 10 tips to secure your open-source projects now. Read More
×Log4cxx is a popular logging package written in C++. One of its distinctive
features is the notion of inheritance in loggers. Using a logger hierarchy it
is possible to control which log statements are output at arbitrary
granularity. This helps reduce the volume of logged output and minimize the
cost of logging.
Update Information:
Update to log4cxx 1.7.0. New features: fallback-ref appender attribute, Qt CMake find_package component, TelnetAppender NonBlocking option. Bug fixes: non-ASCII JSON encoding, invalid XML 1.0 characters in XML output, crash on recursive XML config references, possible UB during configuration changes, message loss during recursive logging, ODBCAppender prepared-statement buffer lifetimes. No ABI-relevant changes; liblog4cxx SONAME (%{sover}) is unchanged.
* Fri Jul 3 2026 Till Hofmann
[ 1 ] Bug #2455029 - log4cxx-1.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2455029
[ 2 ] Bug #2457923 - CVE-2026-40023 log4cxx: Apache Log4cxx: Log processing impairment due to unsanitized XML characters [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2457923
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-43767b6007' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.