You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@zookeeper.apache.org by GitBox <gi...@apache.org> on 2022/03/13 18:43:55 UTC

[GitHub] [zookeeper] ctubbsii commented on pull request #1802: ZOOKEEPER-4455: Move to https://reload4j.qos.ch/ (remove log4j1)

ctubbsii commented on pull request #1802:
URL: https://github.com/apache/zookeeper/pull/1802#issuecomment-1066159594


   > Thanks for looking into this @eolivelli
   > 
   > For the Vulnerability issue reported from slf4j-log4j12, how about updating slf4j version from `1.7.30` to `1.7.35`? Another thing we can try is replacing slf4j-log4j12 with slf4j-reload4j for the binding after upgrading slf4j to 1.7.35.
   
   Both of these should be done. slf4j-log4j12 after 1.7.35 is just a simple redirect to slf4j-reload4j anyway. On the class path, it makes no difference, because the jar it resolves to is the same. It's just a name change.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org