Daniel Nash created AVRO-3304:
---------------------------------
Summary: avro-tools Update log4j (SLF4J) dependency for critical
vulnerability
Key: AVRO-3304
URL: https://issues.apache.org/jira/browse/AVRO-3304
Project: Apache Avro
Issue Type: Task
Components: tools
Affects Versions: 1.11.0
Reporter: Daniel Nash
Our company security is having a fit because Nessus scans are triggering on the
bundled log4j (via SLF4J) in the avro-tools.jar. Please update the log4j
dependencies to the latest versions to remove the critical vulnerability
present in the currently bundled log4j.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
