[kudu-CR](branch-1.13.x) [java] bump log4j up to 2.15.0 version

Fri, 10 Dec 2021 14:47:29 -0800 

Hello Kudu Jenkins, Andrew Wong, Greg Solovyev,

I'd like you to do a code review. Please visit

    http://gerrit.cloudera.org:8080/18089

to review the following change.


Change subject: [java] bump log4j up to 2.15.0 version
......................................................................

[java] bump log4j up to 2.15.0 version

Kudu doesn't use Java for the server-side components, but to keep
various security scanners happy regarding the recent security
vulnerabilities like [1], let's update the log4j package up to the
recently released 2.15.0 version (2021-12-06).  Release notes for the
new version of the package is available at [2].

[1] https://logging.apache.org/log4j/2.x/security.html
[2] https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0

Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff
Reviewed-on: http://gerrit.cloudera.org:8080/18084
Reviewed-by: Andrew Wong <[email protected]>
Reviewed-by: Greg Solovyev <[email protected]>
Tested-by: Kudu Jenkins
(cherry picked from commit 44e517519e1507eafe58bd9179940160e6934079)
  Conflicts:
    java/gradle/dependencies.gradle
---
M java/gradle/dependencies.gradle
1 file changed, 1 insertion(+), 1 deletion(-)



  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/89/18089/1
--
To view, visit http://gerrit.cloudera.org:8080/18089
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: branch-1.13.x
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff
Gerrit-Change-Number: 18089
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Andrew Wong <[email protected]>
Gerrit-Reviewer: Greg Solovyev <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)

Reply via email to