This is an automated email from the ASF dual-hosted git repository.
alexey pushed a commit to branch branch-1.15.x
in repository https://gitbox.apache.org/repos/asf/kudu.git
The following commit(s) were added to refs/heads/branch-1.15.x by this push:
new b35c53e [java] bump log4j up to 2.16.0 version
b35c53e is described below
commit b35c53e98aa3c7c179f5b57b0d1fd121921724d6
Author: Alexey Serbin <[email protected]>
AuthorDate: Mon Dec 13 17:22:16 2021 -0800
[java] bump log4j up to 2.16.0 version
OK, it seems 2.16.0 is the new shiny version to have once the recent
security vulnerability CVE-2021-44228 has been fixed in 2.15.0.
Release notes for the new version of the package is available at [1].
This is a follow-up to a6079a063c8f38166d91956ad46a4ce695a08019.
[1] https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0
Change-Id: Ied261b7fdb412839b40a0d68a131963c61b09356
Reviewed-on: http://gerrit.cloudera.org:8080/18095
Reviewed-by: Andrew Wong <[email protected]>
Tested-by: Kudu Jenkins
(cherry picked from commit ea67260aad998db7d34a94d25261e121a668faec)
Reviewed-on: http://gerrit.cloudera.org:8080/18096
Reviewed-by: Greg Solovyev <[email protected]>
Reviewed-by: Attila Bukor <[email protected]>
---
java/gradle/dependencies.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle
index 6922819..d81874a 100755
--- a/java/gradle/dependencies.gradle
+++ b/java/gradle/dependencies.gradle
@@ -45,7 +45,7 @@ versions += [
jmh : "1.28",
jsr305 : "3.0.2",
junit : "4.13.2",
- log4j : "2.15.0",
+ log4j : "2.16.0",
micrometer : "1.6.5",
mockito : "3.8.0",
murmur : "1.0.0",
