You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@kudu.apache.org by "Attila Bukor (Code Review)" <ge...@cloudera.org> on 2022/01/01 15:53:45 UTC
[kudu-CR](branch-1.15.x) [java] Bump log4j to 2.17.1
Attila Bukor has uploaded this change for review. ( http://gerrit.cloudera.org:8080/18117
Change subject: [java] Bump log4j to 2.17.1
......................................................................
[java] Bump log4j to 2.17.1
Yet another Log4j vulnerability has been identified (CVE-2021-44832)
which has been patched in 2.17.1[1].
This commit bumps the log4j dependency to this version.
[1] https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832
Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
Reviewed-on: http://gerrit.cloudera.org:8080/18115
Tested-by: Kudu Jenkins
Reviewed-by: Alexey Serbin <as...@cloudera.com>
(cherry picked from commit b1d4f1042278f1b6f8aaecf93ff1ce8825cb5921)
---
M java/gradle/dependencies.gradle
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/17/18117/1
--
To view, visit http://gerrit.cloudera.org:8080/18117
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: branch-1.15.x
Gerrit-MessageType: newchange
Gerrit-Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
Gerrit-Change-Number: 18117
Gerrit-PatchSet: 1
Gerrit-Owner: Attila Bukor <ab...@apache.org>
[kudu-CR](branch-1.15.x) [java] Bump log4j to 2.17.1
Posted by "Andrew Wong (Code Review)" <ge...@cloudera.org>.
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/18117 )
Change subject: [java] Bump log4j to 2.17.1
......................................................................
Patch Set 1: Code-Review+2
--
To view, visit http://gerrit.cloudera.org:8080/18117
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: branch-1.15.x
Gerrit-MessageType: comment
Gerrit-Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
Gerrit-Change-Number: 18117
Gerrit-PatchSet: 1
Gerrit-Owner: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Thu, 06 Jan 2022 19:26:02 +0000
Gerrit-HasComments: No
[kudu-CR](branch-1.15.x) [java] Bump log4j to 2.17.1
Posted by "Attila Bukor (Code Review)" <ge...@cloudera.org>.
Attila Bukor has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/18117 )
Change subject: [java] Bump log4j to 2.17.1
......................................................................
[java] Bump log4j to 2.17.1
Yet another Log4j vulnerability has been identified (CVE-2021-44832)
which has been patched in 2.17.1[1].
This commit bumps the log4j dependency to this version.
[1] https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832
Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
Reviewed-on: http://gerrit.cloudera.org:8080/18115
Tested-by: Kudu Jenkins
Reviewed-by: Alexey Serbin <as...@cloudera.com>
(cherry picked from commit b1d4f1042278f1b6f8aaecf93ff1ce8825cb5921)
Reviewed-on: http://gerrit.cloudera.org:8080/18117
Reviewed-by: Andrew Wong <aw...@cloudera.com>
---
M java/gradle/dependencies.gradle
1 file changed, 1 insertion(+), 1 deletion(-)
Approvals:
Kudu Jenkins: Verified
Andrew Wong: Looks good to me, approved
--
To view, visit http://gerrit.cloudera.org:8080/18117
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: branch-1.15.x
Gerrit-MessageType: merged
Gerrit-Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
Gerrit-Change-Number: 18117
Gerrit-PatchSet: 2
Gerrit-Owner: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Attila Bukor <ab...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)