You are viewing a plain text version of this content. The canonical link for it is here.
Posted to pluto-dev@portals.apache.org by "Neil Griffin (Jira)" <ji...@apache.org> on 2021/12/13 19:08:00 UTC
[jira] [Reopened] (PLUTO-787) Migrate from Log4j 1.x to Log4j 2.x due to CVE-2019-17571
[ https://issues.apache.org/jira/browse/PLUTO-787?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Neil Griffin reopened PLUTO-787:
--------------------------------
> Migrate from Log4j 1.x to Log4j 2.x due to CVE-2019-17571
> ---------------------------------------------------------
>
> Key: PLUTO-787
> URL: https://issues.apache.org/jira/browse/PLUTO-787
> Project: Pluto
> Issue Type: Task
> Components: demo portlets
> Reporter: Neil Griffin
> Assignee: Neil Griffin
> Priority: Major
> Fix For: 3.1.1
>
>
> This task involves migrating the following dependencies due to [CVE-2019-17571|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571]:
> - log4j:log4j -> org.apache.logging.log4j:log4j-api-2.14.1
> - org.slf4j:slf4j-log4j12 -> org.apache.logging.log4j:log4j-slf4j-impl-2.14.1
--
This message was sent by Atlassian Jira
(v8.20.1#820001)