You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ch...@apache.org on 2021/05/10 14:38:37 UTC

[flink] branch master updated: [FLINK-22407][build] Bump log4j to 2.24.1

This is an automated email from the ASF dual-hosted git repository.

chesnay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/flink.git


The following commit(s) were added to refs/heads/master by this push:
     new 1cbc003  [FLINK-22407][build] Bump log4j to 2.24.1
1cbc003 is described below

commit 1cbc0034ffa926ca3cfea9b9615b21e98e13c1f3
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Mon May 10 10:56:29 2021 +0200

    [FLINK-22407][build] Bump log4j to 2.24.1
    
    - CVE-2020-9488
---
 docs/content.zh/docs/dev/datastream/project-configuration.md | 2 +-
 docs/content/docs/dev/datastream/project-configuration.md    | 2 +-
 pom.xml                                                      | 2 +-
 tools/releasing/NOTICE-binary_PREAMBLE.txt                   | 8 ++++----
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/docs/content.zh/docs/dev/datastream/project-configuration.md b/docs/content.zh/docs/dev/datastream/project-configuration.md
index 3e8f40b..6138953 100644
--- a/docs/content.zh/docs/dev/datastream/project-configuration.md
+++ b/docs/content.zh/docs/dev/datastream/project-configuration.md
@@ -331,7 +331,7 @@ ext {
     flinkVersion = '1.13-SNAPSHOT'
     scalaBinaryVersion = '2.11'
     slf4jVersion = '1.7.15'
-    log4jVersion = '2.12.1'
+    log4jVersion = '2.14.1'
 }
 
 
diff --git a/docs/content/docs/dev/datastream/project-configuration.md b/docs/content/docs/dev/datastream/project-configuration.md
index 1e20f02..37fcfc7 100644
--- a/docs/content/docs/dev/datastream/project-configuration.md
+++ b/docs/content/docs/dev/datastream/project-configuration.md
@@ -330,7 +330,7 @@ ext {
     flinkVersion = '1.13-SNAPSHOT'
     scalaBinaryVersion = '2.11'
     slf4jVersion = '1.7.15'
-    log4jVersion = '2.12.1'
+    log4jVersion = '2.14.1'
 }
 
 
diff --git a/pom.xml b/pom.xml
index 47f76bf..d20426e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@ under the License.
 		<akka.version>2.5.21</akka.version>
 		<target.java.version>1.8</target.java.version>
 		<slf4j.version>1.7.15</slf4j.version>
-		<log4j.version>2.12.1</log4j.version>
+		<log4j.version>2.14.1</log4j.version>
 		<!-- Overwrite default values from parent pom.
 			 Intellij is (sometimes?) using those values to choose target language level
 			 and thus is changing back to java 1.6 on each maven re-import -->
diff --git a/tools/releasing/NOTICE-binary_PREAMBLE.txt b/tools/releasing/NOTICE-binary_PREAMBLE.txt
index fba3eb0..a5bba55 100644
--- a/tools/releasing/NOTICE-binary_PREAMBLE.txt
+++ b/tools/releasing/NOTICE-binary_PREAMBLE.txt
@@ -8,10 +8,10 @@ Copyright 2014-2021 The Apache Software Foundation
 
 This project bundles the following dependencies under the Apache Software License 2.0 (http://www.apache.org/licenses/LICENSE-2.0.txt)
 
-- org.apache.logging.log4j:log4j-api:2.12.1
-- org.apache.logging.log4j:log4j-core:2.12.1
-- org.apache.logging.log4j:log4j-slf4j-impl:2.12.1
-- org.apache.logging.log4j:log4j-1.2-api:2.12.1
+- org.apache.logging.log4j:log4j-api:2.14.1
+- org.apache.logging.log4j:log4j-core:2.14.1
+- org.apache.logging.log4j:log4j-slf4j-impl:2.14.1
+- org.apache.logging.log4j:log4j-1.2-api:2.14.1
 
 This project bundles the following dependencies under the BSD license.
 See bundled license files for details.