You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Owen Nichols (Jira)" <ji...@apache.org> on 2021/12/14 09:47:00 UTC
[jira] [Created] (GEODE-9898) bump log4j to 2.16.0
Owen Nichols created GEODE-9898:
-----------------------------------
Summary: bump log4j to 2.16.0
Key: GEODE-9898
URL: https://issues.apache.org/jira/browse/GEODE-9898
Project: Geode
Issue Type: Improvement
Components: core
Reporter: Owen Nichols
while the current jog4j 2.15.0 is sufficient to prevent CVE-2021-44228, 2.16.0 is recommended as it fully disables jndi lookupÂ
--
This message was sent by Atlassian Jira
(v8.20.1#820001)