[jira] (SOLR-15843) Update Log4J dependency

Mike Drob (Jira) Fri, 10 Dec 2021 08:35:07 -0800


    [ https://issues.apache.org/jira/browse/SOLR-15843 ]



    Mike Drob deleted comment on SOLR-15843:
    ----------------------------------

was (Author: mdrob):
Security page has been updated - 
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228-jndi-features-do-not-protect-against-attacker-controlled-ldap-and-other-jndi-related-endpoints

> Update Log4J dependency
> -----------------------
>
>                 Key: SOLR-15843
>                 URL: https://issues.apache.org/jira/browse/SOLR-15843
>             Project: Solr
>          Issue Type: Task
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Mike Drob
>            Assignee: Mike Drob
>            Priority: Critical
>             Fix For: 9.0, 8.11.1
>
>          Time Spent: 2h 50m
>  Remaining Estimate: 0h
>
> Log4j 2.15 is about to be released, we should update when it is available.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] (SOLR-15843) Update Log4J dependency

Reply via email to