ctubbsii commented on pull request #1802: URL: https://github.com/apache/zookeeper/pull/1802#issuecomment-1066159594
> Thanks for looking into this @eolivelli > > For the Vulnerability issue reported from slf4j-log4j12, how about updating slf4j version from `1.7.30` to `1.7.35`? Another thing we can try is replacing slf4j-log4j12 with slf4j-reload4j for the binding after upgrading slf4j to 1.7.35. Both of these should be done. slf4j-log4j12 after 1.7.35 is just a simple redirect to slf4j-reload4j anyway. On the class path, it makes no difference, because the jar it resolves to is the same. It's just a name change. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
