[
https://issues.apache.org/jira/browse/NIFI-9486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459439#comment-17459439
]
ASF subversion and git services commented on NIFI-9486:
-------------------------------------------------------
Commit 0cb61f63ccd0eb500d1edfba0ef3f021404f60d7 in nifi's branch
refs/heads/support/nifi-1.15 from Bryan Bende
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0cb61f6 ]
NIFI-9486 This closes #5604. Upgrade to logback 1.2.8, remove unnecessary
dependencyManagement entries in minifi and nifi-registry in favor of root pom
Remove unnecessary use of slf4j-simple
> Upgrade to logback 1.2.8
> ------------------------
>
> Key: NIFI-9486
> URL: https://issues.apache.org/jira/browse/NIFI-9486
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Bryan Bende
> Assignee: Bryan Bende
> Priority: Major
> Fix For: 1.16.0, 1.15.1
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Logback just released version 1.2.8 to address a vulnerability described in
> [https://jira.qos.ch/browse/LOGBACK-1591] . We are currently on logback 1.2.6.
> And another vulnerability arguably from 1.2.7
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
