viswateja.satrapu created KAFKA-13729:
-----------------------------------------
Summary: Kafka Core Components and other projects (like broker)
using older version of the log4j 1.x, need to update 2.x
Key: KAFKA-13729
URL: https://issues.apache.org/jira/browse/KAFKA-13729
Project: Kafka
Issue Type: Bug
Components: core
Affects Versions: 2.4.1
Environment: Production
Reporter: viswateja.satrapu
Fix For: 2.4.1
Hi Team,
We were using Apache Kafka, to handle message transfer. Now in the security
audit, we got vulnerability, due to Apache Kafka core and other projects were
using the older log4j versions 1.x.
You Guys need to update the log4j version from 1.x to 2.x in Core and other
subprojects of Kafka. Can you please help us, to fix that vulnerability,
otherwise can you please share Guide us to upgrade that version from log4j 1.x
to log4j 2.x
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
