[jira] [Commented] (RANGER-2782) Upgrade log4j dependency

PJ Fanning (Jira) Sun, 16 Jan 2022 17:26:08 -0800


    [ 
https://issues.apache.org/jira/browse/RANGER-2782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17476919#comment-17476919
 ]


PJ Fanning commented on RANGER-2782:
------------------------------------

Might be worth considering [https://github.com/qos-ch/reload4j] as a simpler 
change than log4j2 migration.

> Upgrade log4j dependency
> ------------------------
>
>                 Key: RANGER-2782
>                 URL: https://issues.apache.org/jira/browse/RANGER-2782
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 2.0.0
>            Reporter: Bolke de Bruin
>            Assignee: Bolke de Bruin
>            Priority: Blocker
>         Attachments: 
> 0001-RANGER-2782-Upgrade-log4j-to-a-supported-version.patch
>
>
> The current log4j version in ranger is end of life and contains critical 
> security Vulnerabilities
> CVE-2019-17571



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-2782) Upgrade log4j dependency

Reply via email to