This is an automated email from the ASF dual-hosted git repository.
ngangam pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new c9e7f5dd619 Hive Security - Upgrade Apache Log4j to 2.18.0 due to
critical CVEs (#3624)
c9e7f5dd619 is described below
commit c9e7f5dd6191636232921279acc1a5dd5a6fcaff
Author: Daniel (Hongdan) Zhu <[email protected]>
AuthorDate: Tue Sep 27 06:19:31 2022 -0700
Hive Security - Upgrade Apache Log4j to 2.18.0 due to critical CVEs (#3624)
Co-authored-by: Hongdan Zhu <[email protected]>
---
pom.xml | 2 +-
standalone-metastore/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 6ba56a0adc0..c64503fd60d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -170,7 +170,7 @@
<!-- Leaving libfb303 at 0.9.3 regardless of libthrift: As per THRIFT-4613
The Apache Thrift project does not publish items related to fb303 at this point
-->
<libfb303.version>0.9.3</libfb303.version>
<libthrift.version>0.16.0</libthrift.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j2.version>2.18.0</log4j2.version>
<mariadb.version>2.5.0</mariadb.version>
<mssql.version>6.2.1.jre8</mssql.version>
<mysql.version>8.0.27</mysql.version>
diff --git a/standalone-metastore/pom.xml b/standalone-metastore/pom.xml
index 301fc3a5b4e..a6719b27605 100644
--- a/standalone-metastore/pom.xml
+++ b/standalone-metastore/pom.xml
@@ -84,7 +84,7 @@
<junit.vintage.version>5.6.2</junit.vintage.version>
<libfb303.version>0.9.3</libfb303.version>
<libthrift.version>0.16.0</libthrift.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j2.version>2.18.0</log4j2.version>
<mockito-core.version>3.3.3</mockito-core.version>
<orc.version>1.6.9</orc.version>
<protobuf.version>3.21.4</protobuf.version>
