You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "Iqrar Aminullah (Jira)" <ji...@apache.org> on 2021/12/24 04:33:00 UTC

[jira] [Created] (SOLR-15877) Changing from Log4j to JUL

Iqrar Aminullah created SOLR-15877:
--------------------------------------

             Summary: Changing from Log4j to JUL
                 Key: SOLR-15877
                 URL: https://issues.apache.org/jira/browse/SOLR-15877
             Project: Solr
          Issue Type: Wish
      Security Level: Public (Default Security Level. Issues are Public)
          Components: logging
    Affects Versions: 6.6.3
            Reporter: Iqrar Aminullah


Hi, I've been trying to change Solr 6.6.3 logging function from using Log4j 1.2.17 to JUL by using SLF4J bridge to mitigate the security issues found on log4j 1.2.17

I tried removing the Log4j library and added slf4j-jdk14.jar and log4j-over-slf4j-1.7.7.

I want to know whether this change will create issues on Solr itself and whether  using JUL on Solr 6.6.3 have a vulnurability issues. Is there any disparity table between using JUL and Log4j on Solr?

Thank you for your advice



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org