deadwind4 commented on pull request #18077: URL: https://github.com/apache/flink/pull/18077#issuecomment-990922499
> @deadwind4 Thanks for driving the hot-fix in time. Based on the [article](https://mp.weixin.qq.com/s/Yq9k1eBquz3mM1sCinneiA), It is recommended to update to the Apache Log4j 2.15.0-rc2. "The Alibaba Cloud security team issued a warning again and found that the Apache Log4j 2.15.0-rc1 version had a vulnerability bypass. It is recommended to update to the Apache Log4j 2.15.0-rc2 version in time." 2.15.0 include patch of 2.15.0-rc2 @beyond1920 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
