From 534425431ae33c4165f6aae8274ef3642f92a820 Mon Sep 17 00:00:00 2001 From: maximthomas Date: Tue, 27 Jan 2026 10:49:46 +0300 Subject: [PATCH 1/2] CVE-2026-1225 Logback allows an attacker to instantiate classes already present on the class path --- opendj-embedded/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/opendj-embedded/pom.xml b/opendj-embedded/pom.xml index 445775be6e..7029e1018f 100644 --- a/opendj-embedded/pom.xml +++ b/opendj-embedded/pom.xml @@ -38,7 +38,7 @@ ch.qos.logback logback-core - 1.5.19 + 1.5.26 slf4j-api @@ -49,7 +49,7 @@ ch.qos.logback logback-classic - 1.5.18 + 1.5.26 slf4j-api From 7ce27e1b354485e124561b905a6e9ad4eb0df113 Mon Sep 17 00:00:00 2001 From: maximthomas Date: Tue, 27 Jan 2026 12:51:42 +0300 Subject: [PATCH 2/2] Copyright update --- opendj-embedded/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/opendj-embedded/pom.xml b/opendj-embedded/pom.xml index 7029e1018f..4d426e5fe0 100644 --- a/opendj-embedded/pom.xml +++ b/opendj-embedded/pom.xml @@ -12,7 +12,7 @@ Header, with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyright [year] [name of copyright owner]". - Copyright 2024 3A Systems LLC. + Copyright 2024-2026 3A Systems LLC. --> 4.0.0