(dubbo) branch 3.3 updated: Bump log4j2_version from 2.25.0 to 2.25.2 (#15870)

Mon, 15 Dec 2025 06:37:43 -0800 

This is an automated email from the ASF dual-hosted git repository.

rainyu pushed a commit to branch 3.3
in repository https://gitbox.apache.org/repos/asf/dubbo.git


The following commit(s) were added to refs/heads/3.3 by this push:
     new 0a9c5111b4 Bump log4j2_version from 2.25.0 to 2.25.2 (#15870)
0a9c5111b4 is described below

commit 0a9c5111b49872fcafa354a6165872b4e88f2329
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon Dec 15 22:37:13 2025 +0800

    Bump log4j2_version from 2.25.0 to 2.25.2 (#15870)
    
    Bumps `log4j2_version` from 2.25.0 to 2.25.2.
    
    Updates `org.apache.logging.log4j:log4j-api` from 2.25.0 to 2.25.2
    
    Updates `org.apache.logging.log4j:log4j-core` from 2.25.0 to 2.25.2
    
    Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.25.0 to 2.25.2
    
    Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.0 to 2.25.2
    
    ---
    updated-dependencies:
    - dependency-name: org.apache.logging.log4j:log4j-api
      dependency-version: 2.25.2
      dependency-type: direct:production
      update-type: version-update:semver-patch
    - dependency-name: org.apache.logging.log4j:log4j-core
      dependency-version: 2.25.2
      dependency-type: direct:production
      update-type: version-update:semver-patch
    - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
      dependency-version: 2.25.2
      dependency-type: direct:production
      update-type: version-update:semver-patch
    - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl
      dependency-version: 2.25.2
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
---
 dubbo-dependencies-bom/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dubbo-dependencies-bom/pom.xml b/dubbo-dependencies-bom/pom.xml
index 2873c7a772..3c0fb108bb 100644
--- a/dubbo-dependencies-bom/pom.xml
+++ b/dubbo-dependencies-bom/pom.xml
@@ -151,7 +151,7 @@
     <log4j_version>1.2.17</log4j_version>
     <logback_version>1.2.13</logback_version>
     <!-- Fix the bug of log4j 
refer:https://github.com/apache/logging-log4j2/pull/608 -->
-    <log4j2_version>2.25.0</log4j2_version>
+    <log4j2_version>2.25.2</log4j2_version>
     <commons_io_version>2.19.0</commons_io_version>
     <commons-codec_version>1.18.0</commons-codec_version>
     <groovy_version>4.0.27</groovy_version>

Reply via email to