You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Raghavendra Singh (Jira)" <ji...@apache.org> on 2022/01/13 13:09:00 UTC
[jira] [Comment Edited] (HIVE-25839) Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
[ https://issues.apache.org/jira/browse/HIVE-25839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17475336#comment-17475336 ]
Raghavendra Singh edited comment on HIVE-25839 at 1/13/22, 1:08 PM:
--------------------------------------------------------------------
Thanks [~ghanko], [~weidong], [~zabetak] for the efforts.
Any plans for fixing this in 3.1.x and 2.0.x ranges?
was (Author: raghavendra.singh):
Thanks [~ghanko], [~weidong], [~zabetak] for the efforts.
Any plans for fixing this in 3.1.x range?
> Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> ----------------------------------------------
>
> Key: HIVE-25839
> URL: https://issues.apache.org/jira/browse/HIVE-25839
> Project: Hive
> Issue Type: Bug
> Affects Versions: 3.1.2
> Reporter: weidong
> Assignee: Hankó Gergely
> Priority: Major
> Labels: pull-request-available
> Fix For: 4.0.0
>
> Attachments: HIVE-25839.1.patch
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> High security vulnerability in Log4J - CVE-2021-44832 bundled with Hive
--
This message was sent by Atlassian Jira
(v8.20.1#820001)