[
https://issues.apache.org/jira/browse/HDDS-6124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17462640#comment-17462640
]
Hui Fei commented on HDDS-6124:
-------------------------------
The fix version is wrong. Because it is merged into master, the fix version
should be 1.3.0
And if we want to fix version 1.2.1, need to backport the patch or branch-1.2,
yes?
[~neoyang] [~smeng]
> Update log4j version to 2.17.0 version
> --------------------------------------
>
> Key: HDDS-6124
> URL: https://issues.apache.org/jira/browse/HDDS-6124
> Project: Apache Ozone
> Issue Type: Bug
> Reporter: Ke-Yi Sung
> Assignee: Ke-Yi Sung
> Priority: Critical
> Labels: pull-request-available
> Fix For: 1.2.1
>
>
> For details, please see:[Security Vulnerability
> CVE-2021-45105|https://logging.apache.org/log4j/2.x/index.html]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
