You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/12/14 19:45:00 UTC

[jira] [Commented] (NIFI-9486) Upgrade to logback 1.2.8

    [ https://issues.apache.org/jira/browse/NIFI-9486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459438#comment-17459438 ] 

ASF subversion and git services commented on NIFI-9486:
-------------------------------------------------------

Commit 09f254c6113c4c0747201eed67a0e0101424cd12 in nifi's branch refs/heads/main from Bryan Bende
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=09f254c ]

NIFI-9486 This closes #5604. Upgrade to logback 1.2.8, remove unnecessary dependencyManagement entries in minifi and nifi-registry in favor of root pom
Remove unnecessary use of slf4j-simple


> Upgrade to logback 1.2.8
> ------------------------
>
>                 Key: NIFI-9486
>                 URL: https://issues.apache.org/jira/browse/NIFI-9486
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Bryan Bende
>            Assignee: Bryan Bende
>            Priority: Major
>             Fix For: 1.16.0, 1.15.1
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Logback just released version 1.2.8 to address a vulnerability described in [https://jira.qos.ch/browse/LOGBACK-1591] . We are currently on logback 1.2.6.
> And another vulnerability arguably from 1.2.7



--
This message was sent by Atlassian Jira
(v8.20.1#820001)