Thanks Grainier for asking. The official release will be started by the end of next week. We need to do some testing and verification before officially releasing the version.
Best, Junkai On Fri, Apr 1, 2022 at 5:41 AM Grainier Perera <grain...@apache.org> wrote: > Hi devs, > > I see [1] is already addressed CVE-2021-44228 by upgrading the Log4j > version to 2.16.0. I'm wondering whether there's a plan to release a > patched version of Helix with this fix anytime soon? > > [1] https://github.com/apache/helix/pull/1922 > > Thanks & Regards, > Grainier Perera. >
