[
https://issues.apache.org/jira/browse/OOZIE-3649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17475165#comment-17475165
]
ASF subversion and git services commented on OOZIE-3649:
--------------------------------------------------------
Commit b3943fcff32f90e6a72f83871e3bbcb3361f3326 in oozie's branch
refs/heads/master from Andras Salamon
[ https://gitbox.apache.org/repos/asf?p=oozie.git;h=b3943fc ]
OOZIE-3649 Upgrade transitive log4j2 version to 2.17.1 (dionusos via asalamon74)
Oozie currently does not use log4j2 directly but in case of a future use this
commit ensures that no vulnerable log4j2 dependency comes in.
> Upgrade log4j2 versions to 2.17.1
> ---------------------------------
>
> Key: OOZIE-3649
> URL: https://issues.apache.org/jira/browse/OOZIE-3649
> Project: Oozie
> Issue Type: Bug
> Affects Versions: 5.2.1
> Reporter: Dénes Bodó
> Assignee: Dénes Bodó
> Priority: Blocker
> Labels: security
> Attachments: OOZIE-3649-001.patch
>
>
> Due to several security improvements recently made in log4j2 we should
> upgrade its version to the latest 2.17.1.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
