This is an automated email from the ASF dual-hosted git repository. ngangam pushed a commit to branch revert-3624-HIVE-26567 in repository https://gitbox.apache.org/repos/asf/hive.git
commit 09282ddceba2f87c4335545cf3a45a8c0c0addcc Author: Naveen Gangam <[email protected]> AuthorDate: Tue Sep 27 09:20:12 2022 -0400 Revert "Hive Security - Upgrade Apache Log4j to 2.18.0 due to critical CVEs (#3624)" This reverts commit c9e7f5dd6191636232921279acc1a5dd5a6fcaff. --- pom.xml | 2 +- standalone-metastore/pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index c64503fd60d..6ba56a0adc0 100644 --- a/pom.xml +++ b/pom.xml @@ -170,7 +170,7 @@ <!-- Leaving libfb303 at 0.9.3 regardless of libthrift: As per THRIFT-4613 The Apache Thrift project does not publish items related to fb303 at this point --> <libfb303.version>0.9.3</libfb303.version> <libthrift.version>0.16.0</libthrift.version> - <log4j2.version>2.18.0</log4j2.version> + <log4j2.version>2.17.1</log4j2.version> <mariadb.version>2.5.0</mariadb.version> <mssql.version>6.2.1.jre8</mssql.version> <mysql.version>8.0.27</mysql.version> diff --git a/standalone-metastore/pom.xml b/standalone-metastore/pom.xml index a6719b27605..301fc3a5b4e 100644 --- a/standalone-metastore/pom.xml +++ b/standalone-metastore/pom.xml @@ -84,7 +84,7 @@ <junit.vintage.version>5.6.2</junit.vintage.version> <libfb303.version>0.9.3</libfb303.version> <libthrift.version>0.16.0</libthrift.version> - <log4j2.version>2.18.0</log4j2.version> + <log4j2.version>2.17.1</log4j2.version> <mockito-core.version>3.3.3</mockito-core.version> <orc.version>1.6.9</orc.version> <protobuf.version>3.21.4</protobuf.version>
