Kengo Seki created BIGTOP-3642:
----------------------------------
Summary: Upgrade log4j to 2.17.1 on all components
Key: BIGTOP-3642
URL: https://issues.apache.org/jira/browse/BIGTOP-3642
Project: Bigtop
Issue Type: Improvement
Components: flink, hive, solr
Reporter: Kengo Seki
Assignee: Kengo Seki
At this point of time, all components use log4j 2.16.0+ on branch-3.0 and
master so CVE-2021-44228 and CVE-2021-45046 have already been addressed (thanks
a lot [~elukey] [~yoda-mon] [~iwasakims]!).
It is better to upgrade them to 2.17.1 before the release for addressing
CVE-2021-45105 and CVE-2021-44832.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
