[
https://issues.apache.org/jira/browse/NIFI-12438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17791439#comment-17791439
]
ASF subversion and git services commented on NIFI-12438:
--------------------------------------------------------
Commit ff0cfaed82dc0f41c8a9efd9f62c4f186c810ccc in nifi's branch
refs/heads/support/nifi-1.x from dependabot[bot]
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=ff0cfaed82 ]
NIFI-12438 Upgraded Logback from 1.3.11 to 1.3.13
This closes #8085 and #8086
Signed-off-by: David Handermann <exceptionfact...@apache.org>
(cherry picked from commit 24ba6d89c7b42bcdabf1d4053d22ff3fede10942)
> Upgrade Logback to 1.3.13
> -------------------------
>
> Key: NIFI-12438
> URL: https://issues.apache.org/jira/browse/NIFI-12438
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Fix For: 1.25.0, 2.0.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Logback [1.3.13]([https://logback.qos.ch/news.html)] includes a minor bug fix
> and incorporates several important improvements added in version 1.3.12.
> Logback 1.3.12 mitigates CVE-2023-6378, which applies to socket-based Logback
> receivers and not to standard project usage of Logback file appenders.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
