You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pinot.apache.org by xi...@apache.org on 2021/12/12 01:16:23 UTC
[pinot] 02/02: update log4j 2 to avoid CVE-2021-44228 (#7889)
This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to branch release-0.9.1-rc
in repository https://gitbox.apache.org/repos/asf/pinot.git
commit 0e8d435f72fc6ae170616ce81340e7282e0154be
Author: Richard Startin <ri...@startree.ai>
AuthorDate: Fri Dec 10 14:53:48 2021 +0000
update log4j 2 to avoid CVE-2021-44228 (#7889)
---
LICENSE-binary | 8 ++++----
pom.xml | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index a75f9d8..430f8a5 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -345,10 +345,10 @@ org.apache.httpcomponents:httpmime:4.5.3
org.apache.kafka:kafka-clients:2.0.0
org.apache.kafka:kafka_2.10:0.9.0.1
org.apache.kafka:kafka_2.11:2.0.0
-org.apache.logging.log4j:log4j-1.2-api:2.11.2
-org.apache.logging.log4j:log4j-api:2.11.2
-org.apache.logging.log4j:log4j-core:2.11.2
-org.apache.logging.log4j:log4j-slf4j-impl:2.11.2
+org.apache.logging.log4j:log4j-1.2-api:2.15.0
+org.apache.logging.log4j:log4j-api:2.15.0
+org.apache.logging.log4j:log4j-core:2.15.0
+org.apache.logging.log4j:log4j-slf4j-impl:2.15.0
org.apache.lucene:lucene-analyzers-common:8.2.0
org.apache.lucene:lucene-core:8.2.0
org.apache.lucene:lucene-queries:8.2.0
diff --git a/pom.xml b/pom.xml
index ca50725..cc5dc2e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -146,7 +146,7 @@
<snappy-java.version>1.1.1.7</snappy-java.version>
<zstd-jni.version>1.4.9-5</zstd-jni.version>
<lz4-java.version>1.7.1</lz4-java.version>
- <log4j.version>2.11.2</log4j.version>
+ <log4j.version>2.15.0</log4j.version>
<netty.version>4.1.54.Final</netty.version>
<reactivestreams.version>1.0.3</reactivestreams.version>
<jts.version>1.16.1</jts.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org