This is an automated email from the ASF dual-hosted git repository.
bharathkk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/samza.git
The following commit(s) were added to refs/heads/master by this push:
new 05d5916 Bump up log4j2 version (#1569)
05d5916 is described below
commit 05d5916f6b8e900fba09c2183663cd14ebeaf654
Author: Alan Zhang <[email protected]>
AuthorDate: Tue Dec 14 13:00:41 2021 -0800
Bump up log4j2 version (#1569)
The log4j2 2.15.0 is still vulnerable, we will need to bump up to 2.16.0:
https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0
---
gradle/dependency-versions.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gradle/dependency-versions.gradle
b/gradle/dependency-versions.gradle
index 20351b0..ff99eb6 100644
--- a/gradle/dependency-versions.gradle
+++ b/gradle/dependency-versions.gradle
@@ -38,7 +38,7 @@
junitVersion = "4.12"
kafkaVersion = "2.3.1"
log4jVersion = "1.2.17"
- log4j2Version = "2.15.0"
+ log4j2Version = "2.16.0"
metricsVersion = "2.2.0"
mockitoVersion = "1.10.19"
powerMockVersion = "1.6.6"
