[jira] [Updated] (DATAFU-162) Upgrade Log4j version

Eyal Allweil (Jira) Wed, 18 May 2022 06:23:05 -0700


     [ 
https://issues.apache.org/jira/browse/DATAFU-162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Eyal Allweil updated DATAFU-162:
--------------------------------
    Labels: up-for-grabs  (was: )

> Upgrade Log4j version
> ---------------------
>
>                 Key: DATAFU-162
>                 URL: https://issues.apache.org/jira/browse/DATAFU-162
>             Project: DataFu
>          Issue Type: Improvement
>            Reporter: Eyal Allweil
>            Priority: Major
>              Labels: up-for-grabs
>
> Although the [infamous Log4J 
> vulnerability|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832] 
> is not relevant for DataFu (we are dependent on log4j 1.x, which is not 
> affected) it is still a pretty good idea to upgrade to a new version.
> The upgrade should keep our logs as similar as possible to the existing 
> version, but this shouldn't necessitate a major version release since this 
> isn't a breaking change.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Updated] (DATAFU-162) Upgrade Log4j version

Reply via email to