[
https://issues.apache.org/jira/browse/GEODE-9905?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17463516#comment-17463516
]
ASF subversion and git services commented on GEODE-9905:
--------------------------------------------------------
Commit c257bdd545a1749b8709fd4bc25c819ea6a06c76 in geode's branch
refs/heads/support/1.13 from Kirk Lund
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=c257bdd ]
GEODE-9905: [1.13] Bump log4j from 2.16.0 to 2.17.0 (#7218)
Co-authored-by: Owen Nichols
<[email protected]>
(cherry picked from commit 45714b36b04f89b56c81e97cb03fc0fbf95f58c9)
(cherry picked from commit 9805c506a34e173a1da829acd3a4450ab3349f03)
> bump log4j to 2.17.0
> --------------------
>
> Key: GEODE-9905
> URL: https://issues.apache.org/jira/browse/GEODE-9905
> Project: Geode
> Issue Type: Improvement
> Components: core
> Reporter: Owen Nichols
> Assignee: Kirk Lund
> Priority: Major
> Labels: pull-request-available
>
> Although Geode is not vulnerable to the log4j recursive substitution issue
> fixed in 2.17.0, it's probably a good idea to keep up with the latest log4j
> security patches
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
