You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@drill.apache.org by GitBox <gi...@apache.org> on 2021/12/15 14:16:47 UTC
[GitHub] [drill] jnturton opened a new pull request #2405: DRILL-8074: Second upgrade of log4j (2.16 now) because of CVE-2021-44228
jnturton opened a new pull request #2405:
URL: https://github.com/apache/drill/pull/2405
# [DRILL-8074](https://issues.apache.org/jira/browse/DRILL-8074): Second upgrade of log4j (2.16 now) because of CVE-2021-44228.
## Description
Refer to DRILL-8074, #2403 and CVE 2021-45046. This PR updates log4j-api and log4j-to-slf4j again, this time to 2.16. Note that we do not believe these components are actually vulnerable, this is just overzealous caution.
## Documentation
None
## Testing
Full set of unit tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@drill.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [drill] jnturton merged pull request #2405: DRILL-8074: Second upgrade of log4j (2.16 now) because of CVE-2021-44228
Posted by GitBox <gi...@apache.org>.
jnturton merged pull request #2405:
URL: https://github.com/apache/drill/pull/2405
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@drill.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org