You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ch...@apache.org on 2021/05/10 14:38:37 UTC
[flink] branch master updated: [FLINK-22407][build] Bump log4j to
2.24.1
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/flink.git
The following commit(s) were added to refs/heads/master by this push:
new 1cbc003 [FLINK-22407][build] Bump log4j to 2.24.1
1cbc003 is described below
commit 1cbc0034ffa926ca3cfea9b9615b21e98e13c1f3
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Mon May 10 10:56:29 2021 +0200
[FLINK-22407][build] Bump log4j to 2.24.1
- CVE-2020-9488
---
docs/content.zh/docs/dev/datastream/project-configuration.md | 2 +-
docs/content/docs/dev/datastream/project-configuration.md | 2 +-
pom.xml | 2 +-
tools/releasing/NOTICE-binary_PREAMBLE.txt | 8 ++++----
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/docs/content.zh/docs/dev/datastream/project-configuration.md b/docs/content.zh/docs/dev/datastream/project-configuration.md
index 3e8f40b..6138953 100644
--- a/docs/content.zh/docs/dev/datastream/project-configuration.md
+++ b/docs/content.zh/docs/dev/datastream/project-configuration.md
@@ -331,7 +331,7 @@ ext {
flinkVersion = '1.13-SNAPSHOT'
scalaBinaryVersion = '2.11'
slf4jVersion = '1.7.15'
- log4jVersion = '2.12.1'
+ log4jVersion = '2.14.1'
}
diff --git a/docs/content/docs/dev/datastream/project-configuration.md b/docs/content/docs/dev/datastream/project-configuration.md
index 1e20f02..37fcfc7 100644
--- a/docs/content/docs/dev/datastream/project-configuration.md
+++ b/docs/content/docs/dev/datastream/project-configuration.md
@@ -330,7 +330,7 @@ ext {
flinkVersion = '1.13-SNAPSHOT'
scalaBinaryVersion = '2.11'
slf4jVersion = '1.7.15'
- log4jVersion = '2.12.1'
+ log4jVersion = '2.14.1'
}
diff --git a/pom.xml b/pom.xml
index 47f76bf..d20426e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@ under the License.
<akka.version>2.5.21</akka.version>
<target.java.version>1.8</target.java.version>
<slf4j.version>1.7.15</slf4j.version>
- <log4j.version>2.12.1</log4j.version>
+ <log4j.version>2.14.1</log4j.version>
<!-- Overwrite default values from parent pom.
Intellij is (sometimes?) using those values to choose target language level
and thus is changing back to java 1.6 on each maven re-import -->
diff --git a/tools/releasing/NOTICE-binary_PREAMBLE.txt b/tools/releasing/NOTICE-binary_PREAMBLE.txt
index fba3eb0..a5bba55 100644
--- a/tools/releasing/NOTICE-binary_PREAMBLE.txt
+++ b/tools/releasing/NOTICE-binary_PREAMBLE.txt
@@ -8,10 +8,10 @@ Copyright 2014-2021 The Apache Software Foundation
This project bundles the following dependencies under the Apache Software License 2.0 (http://www.apache.org/licenses/LICENSE-2.0.txt)
-- org.apache.logging.log4j:log4j-api:2.12.1
-- org.apache.logging.log4j:log4j-core:2.12.1
-- org.apache.logging.log4j:log4j-slf4j-impl:2.12.1
-- org.apache.logging.log4j:log4j-1.2-api:2.12.1
+- org.apache.logging.log4j:log4j-api:2.14.1
+- org.apache.logging.log4j:log4j-core:2.14.1
+- org.apache.logging.log4j:log4j-slf4j-impl:2.14.1
+- org.apache.logging.log4j:log4j-1.2-api:2.14.1
This project bundles the following dependencies under the BSD license.
See bundled license files for details.