You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Peter Somogyi (Jira)" <ji...@apache.org> on 2021/12/14 09:28:00 UTC
[jira] [Created] (HBASE-26570) Upgrade to log4j 2.16.0
Peter Somogyi created HBASE-26570:
-------------------------------------
Summary: Upgrade to log4j 2.16.0
Key: HBASE-26570
URL: https://issues.apache.org/jira/browse/HBASE-26570
Project: HBase
Issue Type: Umbrella
Components: dependencies, hbase-operator-tools
Reporter: Peter Somogyi
Assignee: Peter Somogyi
Log4j just release version 2.16.0 where jndi is turned off by default. Based on the release announcement it is not required to fix CVE-2021-44228 but recommended.
[https://lists.apache.org/thread/d6v4r6nosxysyq9rvnr779336yf0woz4]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)