[
https://issues.apache.org/jira/browse/KYLIN-5144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17464330#comment-17464330
]
Sonu Kumar Singh commented on KYLIN-5144:
-----------------------------------------
Hi Zang,
Thanks for the update.
Just want to update you, we are packaging Avatica Jar 1.12.0 in ROOT.war or
Kylin.war.
!screenshot-1.png!
> Apache Calcite Avatica is affected from log4j CVE-2021-44228.
> -------------------------------------------------------------
>
> Key: KYLIN-5144
> URL: https://issues.apache.org/jira/browse/KYLIN-5144
> Project: Kylin
> Issue Type: Improvement
> Components: Others
> Affects Versions: v3.1.3
> Reporter: Sonu Kumar Singh
> Assignee: Sonu Kumar Singh
> Priority: Major
> Fix For: v3.1.4
>
> Attachments: image-2021-12-21-15-08-37-651.png, screenshot-1.png
>
>
> As per Apache Blogs (https://blogs.apache.org/security/entry/cve-2021-44228),
> Apache Calcite Avatica is affected from log4j CVE-2021-44228 and there is a
> suggestion from the Apache Calcite team to upgrade Apache Calcite Avatica to
> 1.20.0 (https://lists.apache.org/thread/3vn3j4fmr2dn9s0x1604pdxz7x4fo8wz)
> !image-2021-12-21-15-08-37-651.png|thumbnail!
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
