You are viewing a plain text version of this content. The canonical link for it is here.
Posted to pluto-dev@portals.apache.org by "Neil Griffin (Jira)" <ji...@apache.org> on 2021/06/29 20:56:00 UTC
[jira] [Updated] (PLUTO-787) Migrate from Log4J and SLF4J
dependencies due to CVE-2019-17571
[ https://issues.apache.org/jira/browse/PLUTO-787?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Neil Griffin updated PLUTO-787:
-------------------------------
Summary: Migrate from Log4J and SLF4J dependencies due to CVE-2019-17571 (was: Migrate from log4j:log4j to org.apache.logging.log4j:log4j-core-2.14.1)
> Migrate from Log4J and SLF4J dependencies due to CVE-2019-17571
> ---------------------------------------------------------------
>
> Key: PLUTO-787
> URL: https://issues.apache.org/jira/browse/PLUTO-787
> Project: Pluto
> Issue Type: Task
> Components: demo portlets
> Reporter: Neil Griffin
> Assignee: Neil Griffin
> Priority: Major
> Fix For: 3.1.1
>
>
> This task involves migrating the following dependencies due to [CVE-2019-17571|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571]:
> - log4j:log4j -> org.apache.logging.log4j:log4j-api-2.14.1
> - org.slf4j:slf4j-log4j12 -> org.apache.logging.log4j:log4j-slf4j-impl-2.14.1
--
This message was sent by Atlassian Jira
(v8.3.4#803005)