[ https://issues.apache.org/jira/browse/NIFI-12438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17791439#comment-17791439 ]
ASF subversion and git services commented on NIFI-12438: -------------------------------------------------------- Commit ff0cfaed82dc0f41c8a9efd9f62c4f186c810ccc in nifi's branch refs/heads/support/nifi-1.x from dependabot[bot] [ https://gitbox.apache.org/repos/asf?p=nifi.git;h=ff0cfaed82 ] NIFI-12438 Upgraded Logback from 1.3.11 to 1.3.13 This closes #8085 and #8086 Signed-off-by: David Handermann <exceptionfact...@apache.org> (cherry picked from commit 24ba6d89c7b42bcdabf1d4053d22ff3fede10942) > Upgrade Logback to 1.3.13 > ------------------------- > > Key: NIFI-12438 > URL: https://issues.apache.org/jira/browse/NIFI-12438 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework > Reporter: David Handermann > Assignee: David Handermann > Priority: Major > Fix For: 1.25.0, 2.0.0 > > Time Spent: 40m > Remaining Estimate: 0h > > Logback [1.3.13]([https://logback.qos.ch/news.html)] includes a minor bug fix > and incorporates several important improvements added in version 1.3.12. > Logback 1.3.12 mitigates CVE-2023-6378, which applies to socket-based Logback > receivers and not to standard project usage of Logback file appenders. -- This message was sent by Atlassian Jira (v8.20.10#820010)