This is an automated email from the ASF dual-hosted git repository.
alexey pushed a commit to branch branch-1.14.x
in repository https://gitbox.apache.org/repos/asf/kudu.git
The following commit(s) were added to refs/heads/branch-1.14.x by this push:
new b5fb608 [java] bump log4j up to 2.16.0 version
b5fb608 is described below
commit b5fb60854ca8721c95f2f0ce24c01494fc4ac18f
Author: Alexey Serbin <[email protected]>
AuthorDate: Mon Dec 13 17:22:16 2021 -0800
[java] bump log4j up to 2.16.0 version
OK, it seems 2.16.0 is the new shiny version to have once the recent
security vulnerability CVE-2021-44228 has been fixed in 2.15.0.
Release notes for the new version of the package is available at [1].
This is a follow-up to a6079a063c8f38166d91956ad46a4ce695a08019.
[1] https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0
Change-Id: Ied261b7fdb412839b40a0d68a131963c61b09356
Reviewed-on: http://gerrit.cloudera.org:8080/18095
Reviewed-by: Andrew Wong <[email protected]>
Tested-by: Kudu Jenkins
(cherry picked from commit ea67260aad998db7d34a94d25261e121a668faec)
Conflicts:
java/gradle/dependencies.gradle
Reviewed-on: http://gerrit.cloudera.org:8080/18097
Reviewed-by: Greg Solovyev <[email protected]>
Tested-by: Andrew Wong <[email protected]>
Reviewed-by: Attila Bukor <[email protected]>
---
java/gradle/dependencies.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle
index 09f9221..0161e47 100755
--- a/java/gradle/dependencies.gradle
+++ b/java/gradle/dependencies.gradle
@@ -46,7 +46,7 @@ versions += [
jmh : "1.27",
jsr305 : "3.0.2",
junit : "4.13.1",
- log4j : "2.15.0",
+ log4j : "2.16.0",
micrometer : "1.6.2",
mockito : "3.6.28",
murmur : "1.0.0",
