You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pinot.apache.org by xi...@apache.org on 2021/12/14 23:32:26 UTC

[pinot] branch release-0.9.2-rc updated: Upgrade log4j to 2.16.0 for CVE-2021-45046 (#7903)

This is an automated email from the ASF dual-hosted git repository.

xiangfu pushed a commit to branch release-0.9.2-rc
in repository https://gitbox.apache.org/repos/asf/pinot.git


The following commit(s) were added to refs/heads/release-0.9.2-rc by this push:
     new 8349bbe  Upgrade log4j to 2.16.0 for CVE-2021-45046 (#7903)
8349bbe is described below

commit 8349bbecdeeda416faa64338b943fe608e0a613f
Author: Neha Pawar <ne...@gmail.com>
AuthorDate: Tue Dec 14 15:30:19 2021 -0800

    Upgrade log4j to 2.16.0 for CVE-2021-45046 (#7903)
---
 LICENSE-binary | 8 ++++----
 pom.xml        | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/LICENSE-binary b/LICENSE-binary
index 3b51d13..52b9706 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -345,10 +345,10 @@ org.apache.httpcomponents:httpmime:4.5.3
 org.apache.kafka:kafka-clients:2.0.0
 org.apache.kafka:kafka_2.10:0.9.0.1
 org.apache.kafka:kafka_2.11:2.0.0
-org.apache.logging.log4j:log4j-1.2-api:2.15.0
-org.apache.logging.log4j:log4j-api:2.15.0
-org.apache.logging.log4j:log4j-core:2.15.0
-org.apache.logging.log4j:log4j-slf4j-impl:2.15.0
+org.apache.logging.log4j:log4j-1.2-api:2.16.0
+org.apache.logging.log4j:log4j-api:2.16.0
+org.apache.logging.log4j:log4j-core:2.16.0
+org.apache.logging.log4j:log4j-slf4j-impl:2.16.0
 org.apache.lucene:lucene-analyzers-common:8.2.0
 org.apache.lucene:lucene-core:8.2.0
 org.apache.lucene:lucene-queries:8.2.0
diff --git a/pom.xml b/pom.xml
index e2b0cc5..a2149bf 100644
--- a/pom.xml
+++ b/pom.xml
@@ -146,7 +146,7 @@
     <snappy-java.version>1.1.1.7</snappy-java.version>
     <zstd-jni.version>1.4.9-5</zstd-jni.version>
     <lz4-java.version>1.7.1</lz4-java.version>
-    <log4j.version>2.15.0</log4j.version>
+    <log4j.version>2.16.0</log4j.version>
     <netty.version>4.1.54.Final</netty.version>
     <reactivestreams.version>1.0.3</reactivestreams.version>
     <jts.version>1.16.1</jts.version>

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org