Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/18109 )
Change subject: [java] bump log4j up to 2.17.0 version ...................................................................... [java] bump log4j up to 2.17.0 version OK, log4j saga continues: 2.17.0 is the new shiny version to have once the recent security vulnerability CVE-2021-44228 has been fixed in 2.15.0. Without going into the details, let's just update to the most recent one to make various security scanners happy. Release notes for the new version of the package is available at [1]. This is a follow-up to a6079a063c8f38166d91956ad46a4ce695a08019 and ea67260aad998db7d34a94d25261e121a668faec. [1] https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.0 Change-Id: I8642063189ef7add4fc7b573008a4bfe7ac3d98b Reviewed-on: http://gerrit.cloudera.org:8080/18109 Reviewed-by: Attila Bukor <[email protected]> Tested-by: Kudu Jenkins --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: Attila Bukor: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/18109 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I8642063189ef7add4fc7b573008a4bfe7ac3d98b Gerrit-Change-Number: 18109 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120)
