You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@storm.apache.org by GitBox <gi...@apache.org> on 2022/02/24 17:24:57 UTC

[GitHub] [storm] kishorvpatil opened a new pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

kishorvpatil opened a new pull request #3432:
URL: https://github.com/apache/storm/pull/3432


   ## What is the purpose of the change
   
   *(Explain why we should have this change)*
   
   ## How was the change tested
   
   *(Explain what tests did you do to verify the code change)*


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] basant-gurung commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

basant-gurung commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1034493878


   Thanks for confirmation Bipin. We can't upgrade to a higher version of Storm at our end at this point in time. Any suggestions?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] bipinprasad commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

bipinprasad commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1034390077


    There is no plan to fix Storm 0.x version.
       On Wednesday, February 9, 2022, 09:55:31 AM PST, Basant Gurung ***@***.***> wrote:  
    
    
   
   
   Hey guys,
   
   Are you going to commit this vulnerability fix in storm 0.x versions too?
   
   —
   Reply to this email directly, view it on GitHub, or unsubscribe.
   You are receiving this because you commented.Message ID: ***@***.***>
     


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] kishorvpatil commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

kishorvpatil commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1050085953


   Closing this PR in lieu of #3433 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] pjfanning commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

pjfanning commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1020018673


   looks like can be closed - due to https://github.com/apache/storm/pull/3433


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] bipinprasad commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

bipinprasad commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1012779058


   The DEPENDENCY-LICENSES file has to be updated via "mvn license:aggregate-add-third-party@generate-and-check-licenses -Dlicense.skipAggregateAddThirdParty=false" command. Otherwise the license check will fail.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] basant-gurung commented on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

basant-gurung commented on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1034038520


   Hey guys, 
   
   Are you going to commit this vulnerability fix in storm 0.x versions too? 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] pjfanning edited a comment on pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

pjfanning edited a comment on pull request #3432:
URL: https://github.com/apache/storm/pull/3432#issuecomment-1020018673


   looks like can be closed - due to https://github.com/apache/storm/pull/3433 and https://github.com/apache/storm/pull/3436


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [storm] kishorvpatil closed pull request #3432: Upgrade log4j to 2.17.1 for CVE-2021-44832

Posted by GitBox <gi...@apache.org>.

kishorvpatil closed pull request #3432:
URL: https://github.com/apache/storm/pull/3432


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@storm.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org