[kudu] branch branch-1.15.x updated: [java] Bump log4j to 2.17.1

abukor Thu, 06 Jan 2022 11:49:23 -0800

This is an automated email from the ASF dual-hosted git repository.

abukor pushed a commit to branch branch-1.15.x
in repository https://gitbox.apache.org/repos/asf/kudu.git



The following commit(s) were added to refs/heads/branch-1.15.x by this push:
     new 4346d31  [java] Bump log4j to 2.17.1
4346d31 is described below

commit 4346d317bfbdff7fcb1d8467a295fcb015b71684
Author: Attila Bukor <[email protected]>
AuthorDate: Wed Dec 29 12:48:55 2021 +0100

    [java] Bump log4j to 2.17.1
    
    Yet another Log4j vulnerability has been identified (CVE-2021-44832)
    which has been patched in 2.17.1[1].
    
    This commit bumps the log4j dependency to this version.
    
    [1] https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832
    
    Change-Id: I42fe9f3124943b6fa42670a04c2fd7266299165f
    Reviewed-on: http://gerrit.cloudera.org:8080/18115
    Tested-by: Kudu Jenkins
    Reviewed-by: Alexey Serbin <[email protected]>
    (cherry picked from commit b1d4f1042278f1b6f8aaecf93ff1ce8825cb5921)
    Reviewed-on: http://gerrit.cloudera.org:8080/18117
    Reviewed-by: Andrew Wong <[email protected]>
---
 java/gradle/dependencies.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle
index 560d581..e4774c5 100755
--- a/java/gradle/dependencies.gradle
+++ b/java/gradle/dependencies.gradle
@@ -45,7 +45,7 @@ versions += [
     jmh            : "1.28",
     jsr305         : "3.0.2",
     junit          : "4.13.2",
-    log4j          : "2.17.0",
+    log4j          : "2.17.1",
     micrometer     : "1.6.5",
     mockito        : "3.8.0",
     murmur         : "1.0.0",

[kudu] branch branch-1.15.x updated: [java] Bump log4j to 2.17.1

Reply via email to