You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@zookeeper.apache.org by "Sourabh Sarvotham Parkala (Jira)" <ji...@apache.org> on 2022/01/19 11:21:00 UTC

[jira] [Commented] (ZOOKEEPER-2342) Migrate to Log4J 2.

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-2342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17478588#comment-17478588 ] 

Sourabh Sarvotham Parkala commented on ZOOKEEPER-2342:
------------------------------------------------------

Hello Team,

There are even more high priority vulnerabilities being reported for log4j 1.x. Hence, just checking in on any updates.

Lets us know.

Thanks

Sourabh

> Migrate to Log4J 2.
> -------------------
>
>                 Key: ZOOKEEPER-2342
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2342
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>            Priority: Major
>             Fix For: 3.8.0
>
>         Attachments: ZOOKEEPER-2342.001.patch
>
>
> ZOOKEEPER-1371 removed our source code dependency on Log4J.  It appears that this also removed the Log4J SLF4J binding jar from the runtime classpath.  Without any SLF4J binding jar available on the runtime classpath, it is impossible to write logs.
> This JIRA investigated migration to Log4J 2 as a possible path towards resolving the bug introduced by ZOOKEEPER-1371.  At this point, we know this is not feasible short-term.  This JIRA remains open to track long-term migration to Log4J 2.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)