Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/18084 )
Change subject: [java] bump log4j up to 2.15.0 version ...................................................................... [java] bump log4j up to 2.15.0 version Kudu doesn't use Java for the server-side components, but to keep various security scanners happy regarding the recent security vulnerabilities like [1], let's update the log4j package up to the recently released 2.15.0 version (2021-12-06). Release notes for the new version of the package is available at [2]. [1] https://logging.apache.org/log4j/2.x/security.html [2] https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0 Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff Reviewed-on: http://gerrit.cloudera.org:8080/18084 Reviewed-by: Andrew Wong <[email protected]> Reviewed-by: Greg Solovyev <[email protected]> Tested-by: Kudu Jenkins --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: Andrew Wong: Looks good to me, approved Greg Solovyev: Looks good to me, but someone else must approve Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/18084 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff Gerrit-Change-Number: 18084 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Greg Solovyev <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120)
