You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Mike Drob (Jira)" <ji...@apache.org> on 2021/12/10 16:35:00 UTC
[jira] (SOLR-15843) Update Log4J dependency
[ https://issues.apache.org/jira/browse/SOLR-15843 ]
Mike Drob deleted comment on SOLR-15843:
----------------------------------
was (Author: mdrob):
Security page has been updated - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228-jndi-features-do-not-protect-against-attacker-controlled-ldap-and-other-jndi-related-endpoints
> Update Log4J dependency
> -----------------------
>
> Key: SOLR-15843
> URL: https://issues.apache.org/jira/browse/SOLR-15843
> Project: Solr
> Issue Type: Task
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Mike Drob
> Assignee: Mike Drob
> Priority: Critical
> Fix For: 9.0, 8.11.1
>
> Time Spent: 2h 50m
> Remaining Estimate: 0h
>
> Log4j 2.15 is about to be released, we should update when it is available.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org