[HIVE-25839] Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.1.2
Fix Version/s: 4.0.0-alpha-1
Component/s: None
Labels:
- pull-request-available

Target Version/s:

4.0.0

Description

High security vulnerability in Log4J - CVE-2021-44832 bundled with Hive

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-25839.1.patch
07/Jan/22 21:48
1 kB
Hankó Gergely

Issue Links

Blocked

HIVE-25853 Security Vulnerability CVE-2021-44832 log4j2 need upgrade to 2.17.1

Closed

duplicates

HIVE-25853 Security Vulnerability CVE-2021-44832 log4j2 need upgrade to 2.17.1

Closed

is cloned by

HIVE-26568 Upgrade Log4j2 to 2.18.0 due to CVEs

Closed

Is contained by

HIVE-26751 Bug Fixes and Improvements for 3.2.0 release

Open

is duplicated by

HIVE-25876 Update log4j2 version to 2.17.1

Resolved

HIVE-25802 Log4j2 Vulnerability in Hive Storage API

Closed

HIVE-25821 upgrade to log4j 2.17.0 - another CVE: CVE-2021-45105

Closed

links to

GitHub Pull Request #2912

GitHub Pull Request #2930

(2 is duplicated by, 2 links to)

Activity

People

Assignee:: Hankó Gergely

Reporter:: weidong

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 04/Jan/22 03:28

Updated:: 01/Dec/22 09:15

Resolved:: 10/Jan/22 11:23

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

40m