You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Raman Gupta (Jira)" <ji...@apache.org> on 2021/12/13 14:11:00 UTC

[jira] [Created] (LOG4J2-3218) Upgrade log4j2 dependency version in the kotlin logging API for CVE-2021-44228

Raman Gupta created LOG4J2-3218:
-----------------------------------

             Summary: Upgrade log4j2 dependency version in the kotlin logging API for CVE-2021-44228
                 Key: LOG4J2-3218
                 URL: https://issues.apache.org/jira/browse/LOG4J2-3218
             Project: Log4j 2
          Issue Type: Dependency upgrade
          Components: Kotlin API
    Affects Versions: Kotlin 1.1.0
            Reporter: Raman Gupta


Kotlin API currently depends on log4j2 API version 2.13.2 which, assuming users are using the corresponding implementation, is vulnerable by default to CVE-2021-44228. Update dependency to 2.15.0.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)