You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/12/14 19:45:00 UTC
[jira] [Commented] (NIFI-9486) Upgrade to logback 1.2.8
[ https://issues.apache.org/jira/browse/NIFI-9486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459438#comment-17459438 ]
ASF subversion and git services commented on NIFI-9486:
-------------------------------------------------------
Commit 09f254c6113c4c0747201eed67a0e0101424cd12 in nifi's branch refs/heads/main from Bryan Bende
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=09f254c ]
NIFI-9486 This closes #5604. Upgrade to logback 1.2.8, remove unnecessary dependencyManagement entries in minifi and nifi-registry in favor of root pom
Remove unnecessary use of slf4j-simple
> Upgrade to logback 1.2.8
> ------------------------
>
> Key: NIFI-9486
> URL: https://issues.apache.org/jira/browse/NIFI-9486
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Bryan Bende
> Assignee: Bryan Bende
> Priority: Major
> Fix For: 1.16.0, 1.15.1
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Logback just released version 1.2.8 to address a vulnerability described in [https://jira.qos.ch/browse/LOGBACK-1591] . We are currently on logback 1.2.6.
> And another vulnerability arguably from 1.2.7
--
This message was sent by Atlassian Jira
(v8.20.1#820001)