[
https://issues.apache.org/jira/browse/KYLIN-5144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17463567#comment-17463567
]
Yaqian Zhang commented on KYLIN-5144:
-------------------------------------
Hi [~sonuSINGH]:
Thank you for your report! We will try to upgrade Apache Calcite Avatica to
1.20.0 in Apache Kylin.
Since this may cause some compatibility problems, so we need to evaluate and
test it for some time before releasing the version.
> Apache Calcite Avatica is affected from log4j CVE-2021-44228.
> -------------------------------------------------------------
>
> Key: KYLIN-5144
> URL: https://issues.apache.org/jira/browse/KYLIN-5144
> Project: Kylin
> Issue Type: Improvement
> Components: Others
> Affects Versions: v3.1.3
> Reporter: Sonu Kumar Singh
> Assignee: Sonu Kumar Singh
> Priority: Major
> Fix For: v3.1.4
>
> Attachments: image-2021-12-21-15-08-37-651.png
>
>
> As per Apache Blogs (https://blogs.apache.org/security/entry/cve-2021-44228),
> Apache Calcite Avatica is affected from log4j CVE-2021-44228 and there is a
> suggestion from the Apache Calcite team to upgrade Apache Calcite Avatica to
> 1.20.0 (https://lists.apache.org/thread/3vn3j4fmr2dn9s0x1604pdxz7x4fo8wz)
> !image-2021-12-21-15-08-37-651.png|thumbnail!
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
