You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "wangyuyi (Jira)" <ji...@apache.org> on 2021/07/07 02:50:00 UTC
[jira] [Created] (ZEPPELIN-5452) 建议升级log4j版本
wangyuyi created ZEPPELIN-5452:
----------------------------------
Summary: 建议升级log4j版本
Key: ZEPPELIN-5452
URL: https://issues.apache.org/jira/browse/ZEPPELIN-5452
Project: Zeppelin
Issue Type: Improvement
Components: conf
Affects Versions: 0.9.0
Reporter: wangyuyi
<log4j.version>1.2.17</log4j.version>
目前使用log4j为1.2.17版本,此版本存在:反序列化漏洞(CVE201917571) ,建议能升级到版本(目前应该是2.14.1)
h1.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)