You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "Owen Nichols (Jira)" <ji...@apache.org> on 2021/12/14 09:47:00 UTC

[jira] [Created] (GEODE-9898) bump log4j to 2.16.0

Owen Nichols created GEODE-9898:
-----------------------------------

             Summary: bump log4j to 2.16.0
                 Key: GEODE-9898
                 URL: https://issues.apache.org/jira/browse/GEODE-9898
             Project: Geode
          Issue Type: Improvement
          Components: core
            Reporter: Owen Nichols


while the current jog4j 2.15.0 is sufficient to prevent CVE-2021-44228, 2.16.0 is recommended as it fully disables jndi lookup 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)