[
https://issues.apache.org/jira/browse/FLUME-3480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nikita Pande updated FLUME-3480:
--------------------------------
Description:
* log4j1.2.17 is still being used in . It is EOL and vulnerable jar
* Also build-support module plugin still uses log4j:log4j:jar:1.2.12 which is
vulnerable
* It should be removed and replaced by a module with minimal software change
was:
* log4j1.2.17 is still being used in . It is EOL and vulnerable jar
* It should be removed and replaced by a module with minimal software change
> remove Log4J 1.2.17 as it has reached its end of life
> -----------------------------------------------------
>
> Key: FLUME-3480
> URL: https://issues.apache.org/jira/browse/FLUME-3480
> Project: Flume
> Issue Type: Improvement
> Reporter: Nikita Pande
> Assignee: Nikita Pande
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> * log4j1.2.17 is still being used in . It is EOL and vulnerable jar
> * Also build-support module plugin still uses log4j:log4j:jar:1.2.12 which is
> vulnerable
> * It should be removed and replaced by a module with minimal software change
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
