[jira] [Updated] (HBASE-28532) remove vulnerable slf4j-log4j12 dependency

Nikita Pande (Jira) Wed, 17 Apr 2024 06:36:42 -0700


     [ 
https://issues.apache.org/jira/browse/HBASE-28532?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nikita Pande updated HBASE-28532:
---------------------------------
    Component/s: hbase-operator-tools

> remove vulnerable slf4j-log4j12 dependency
> ------------------------------------------
>
>                 Key: HBASE-28532
>                 URL: https://issues.apache.org/jira/browse/HBASE-28532
>             Project: HBase
>          Issue Type: Improvement
>          Components: hbase-operator-tools
>            Reporter: Nikita Pande
>            Priority: Major
>
> slf4j-log4j12 is a bridge from SLF4J to Log4j 1.x.
> Since log4j 1.x is vulnerable , so this needs to be removed.
>  
> It is to be replaced with the log4j-slf4j-impl dependency, which is a bridge 
> from SLF4J to Log4j 2.x.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (HBASE-28532) remove vulnerable slf4j-log4j12 dependency

Reply via email to