This is an automated email from the ASF dual-hosted git repository.
slfan1989 pushed a commit to branch branch-3.4
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.4 by this push:
new e3990ca57d5 HADOOP-19765. Upgrade to log4j 2.25.3 due to
CVE-2025-68161 (#8157) (#8161) Contributed by PJ Fanning
e3990ca57d5 is described below
commit e3990ca57d53678bdcb66cfbf061c3b3dc071968
Author: PJ Fanning <[email protected]>
AuthorDate: Sun Jan 4 08:08:11 2026 +0100
HADOOP-19765. Upgrade to log4j 2.25.3 due to CVE-2025-68161 (#8157) (#8161)
Contributed by PJ Fanning
* HADOOP-19765. Upgrade to log4j 2.25.3 due to CVE-2025-68161
Signed-off-by: Shilun Fan <[email protected]>
---
hadoop-project/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index ab8bcce7139..95e7c22e48e 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -81,7 +81,7 @@
<!-- SLF4J/LOG4J version -->
<slf4j.version>1.7.36</slf4j.version>
<reload4j.version>1.2.22</reload4j.version>
- <log4j2.version>2.17.1</log4j2.version>
+ <log4j2.version>2.25.3</log4j2.version>
<!-- com.google.re2j version -->
<re2j.version>1.1</re2j.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
