[jira] [Resolved] (FLINK-25375) Update Log4j to 2.17.0

Konstantin Knauf (Jira) Sat, 25 Dec 2021 23:45:06 -0800


     [ 
https://issues.apache.org/jira/browse/FLINK-25375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Konstantin Knauf resolved FLINK-25375.
--------------------------------------
    Resolution: Fixed

> Update Log4j to 2.17.0
> ----------------------
>
>                 Key: FLINK-25375
>                 URL: https://issues.apache.org/jira/browse/FLINK-25375
>             Project: Flink
>          Issue Type: Bug
>    Affects Versions: 1.11.6, 1.12.7, 1.13.5, 1.14.2
>            Reporter: Sergey Nuyanzin
>            Assignee: Konstantin Knauf
>            Priority: Critical
>              Labels: pull-request-available
>             Fix For: 1.15.0, 1.12.8, 1.13.6, 1.14.3
>
>
> Log4j 2.17.0 has been released [1] 
> This release contains the changes noted below:
>     Address CVE-2021-45105.
>     Require components that use JNDI to be enabled individually via system 
> properties.
>     Remove LDAP and LDAPS as supported protocols from JNDI.
> [1] 
> https://github.com/apache/logging-log4j2/blob/6b1581901ba7a107cdc4a2208ecec03655722b44/RELEASE-NOTES.md#apache-log4j-2170-release-notes



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (FLINK-25375) Update Log4j to 2.17.0

Reply via email to