[jira] [Commented] (FLINK-39146) Update log4j to 2.25.3

Sergey Nuyanzin (Jira) Fri, 20 Mar 2026 10:59:11 -0700


    [ 
https://issues.apache.org/jira/browse/FLINK-39146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18067146#comment-18067146
 ]


Sergey Nuyanzin commented on FLINK-39146:
-----------------------------------------

Merged as 
[https://github.com/apache/flink/commit/406568ee12e3497f8ce3305ed1864568e791d6e7]

> Update log4j to 2.25.3
> ----------------------
>
>                 Key: FLINK-39146
>                 URL: https://issues.apache.org/jira/browse/FLINK-39146
>             Project: Flink
>          Issue Type: Improvement
>            Reporter: Cameron
>            Assignee: Cameron
>            Priority: Major
>              Labels: pull-request-available
>
> log4j-core 2.24.3 contains 
> [CVE-2025-68161|https://github.com/advisories/GHSA-vc5p-v9hr-52mj]
> Updating to 2.25.3 resolves the CVE.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (FLINK-39146) Update log4j to 2.25.3

Reply via email to