23307?

Pradeep Agrawal (Jira) Tue, 25 Jan 2022 20:23:05 -0800


    [ 
https://issues.apache.org/jira/browse/RANGER-3596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17482229#comment-17482229
 ]


Pradeep Agrawal commented on RANGER-3596:
-----------------------------------------

Changes are not allowed in released branches, please add changes in your 
local/forked branches and continue.

> Ranger versions 1.1.0, 2.0.0, and 2.1.0 rely on LOG4j1.x. Is it affected by 
> vulnerability CVE-2022-23302/23305/23307?
> ---------------------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-3596
>                 URL: https://issues.apache.org/jira/browse/RANGER-3596
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 1.1.0, 2.0.0, 2.1.0
>            Reporter: Yuanzhe Geng 
>            Priority: Major
>
> Ranger versions 1.1.0, 2.0.0, and 2.1.0 rely on LOG4j1.x. Is it affected by 
> vulnerability CVE-2022-23302/23305/23307?



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3596) Ranger versions 1.1.0, 2.0.0, and 2.1.0 rely on LOG4j1.x. Is it affected by vulnerability CVE-2022-23302/23305/23307?

Reply via email to