You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@zookeeper.apache.org by "Nagalakshmi Nagaraj (Jira)" <ji...@apache.org> on 2022/01/25 11:32:00 UTC
[jira] [Created] (ZOOKEEPER-4451) vulnerable version of log4j is being used in Zookeeper (1.2.15/12.16)
Nagalakshmi Nagaraj created ZOOKEEPER-4451:
----------------------------------------------
Summary: vulnerable version of log4j is being used in Zookeeper (1.2.15/12.16)
Key: ZOOKEEPER-4451
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4451
Project: ZooKeeper
Issue Type: Bug
Reporter: Nagalakshmi Nagaraj
Even the latest version of Zookeeper (3.7.0) is still using the vulnerable version of log4j
log4j-1.2.15.jar
log4j-1.2.16.jar
We require apache Zookeeper tar with the Fix version of log4j (2.17.1)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)