[kudu] branch branch-1.14.x updated: [java] bump log4j up to 2.17.0 version

Mon, 20 Dec 2021 14:59:30 -0800 

This is an automated email from the ASF dual-hosted git repository.

alexey pushed a commit to branch branch-1.14.x
in repository https://gitbox.apache.org/repos/asf/kudu.git


The following commit(s) were added to refs/heads/branch-1.14.x by this push:
     new e6b1435  [java] bump log4j up to 2.17.0 version
e6b1435 is described below

commit e6b1435b0512c8d3a023a97ef68d1c0a3657f62e
Author: Alexey Serbin <[email protected]>
AuthorDate: Mon Dec 20 11:17:09 2021 -0800

    [java] bump log4j up to 2.17.0 version
    
    OK, log4j saga continues: 2.17.0 is the new shiny version to have once
    the recent security vulnerability CVE-2021-44228 has been fixed
    in 2.15.0.  Without going into the details, let's just update to the
    most recent one to make various security scanners happy.
    
    Release notes for the new version of the package is available at [1].
    
    This is a follow-up to a6079a063c8f38166d91956ad46a4ce695a08019 and
    ea67260aad998db7d34a94d25261e121a668faec.
    
    [1] https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.0
    
    Change-Id: I8642063189ef7add4fc7b573008a4bfe7ac3d98b
    Reviewed-on: http://gerrit.cloudera.org:8080/18109
    Reviewed-by: Attila Bukor <[email protected]>
    Tested-by: Kudu Jenkins
    (cherry picked from commit 84600f495e8cff24aa8794d7974d0b6fe77b95db)
      Conflicts:
        java/gradle/dependencies.gradle
    Reviewed-on: http://gerrit.cloudera.org:8080/18111
    Tested-by: Alexey Serbin <[email protected]>
---
 java/gradle/dependencies.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle
index 0161e47..bc6346b 100755
--- a/java/gradle/dependencies.gradle
+++ b/java/gradle/dependencies.gradle
@@ -46,7 +46,7 @@ versions += [
     jmh            : "1.27",
     jsr305         : "3.0.2",
     junit          : "4.13.1",
-    log4j          : "2.16.0",
+    log4j          : "2.17.0",
     micrometer     : "1.6.2",
     mockito        : "3.6.28",
     murmur         : "1.0.0",

Reply via email to