[HBASE-26570] Upgrade to log4j 2.16.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Umbrella
Status: Resolved
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Component/s: dependencies
Labels:
None

Description

Log4j just release version 2.16.0 where jndi is turned off by default. Based on the release announcement it is not required to fix CVE-2021-44228 but recommended.

https://lists.apache.org/thread/d6v4r6nosxysyq9rvnr779336yf0woz4

Attachments

Issue Links

is a child of

HBASE-26560 Address recent the log4j2 CVEs

Resolved

Sub-Tasks

1.	[hbase-operator-tools] Upgrade to log4j 2.16.0		Resolved	Peter Somogyi
2.	Upgrade to log4j 2.16.0		Resolved	Peter Somogyi

Activity

People

Assignee:: Peter Somogyi

Reporter:: Peter Somogyi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 14/Dec/21 09:27

Updated:: 19/Dec/21 08:37

Resolved:: 14/Dec/21 20:37