This is an automated email from the ASF dual-hosted git repository. zhangyifan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/kudu.git
commit 67ba3cae45143d083bdac119f45278ce0d2bfefb Author: Attila Bukor <[email protected]> AuthorDate: Wed Dec 29 12:48:55 2021 +0100 [java] Bump log4j to 2.17.1 Yet another Log4j vulnerability has been identified (CVE-2021-44832) which has been patched in 2.17.1[1]. This commit bumps the log4j dependency to this version. [1] https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832 Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f Reviewed-on: http://gerrit.cloudera.org:8080/18115 Tested-by: Kudu Jenkins Reviewed-by: Alexey Serbin <[email protected]> --- java/gradle/dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle index 90a88b6..fe41d63 100755 --- a/java/gradle/dependencies.gradle +++ b/java/gradle/dependencies.gradle @@ -45,7 +45,7 @@ versions += [ jmh : "1.28", jsr305 : "3.0.2", junit : "4.13.2", - log4j : "2.17.0", + log4j : "2.17.1", micrometer : "1.6.5", mockito : "3.8.0", murmur : "1.0.0",
