Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/18111 )
Change subject: [java] bump log4j up to 2.17.0 version ...................................................................... [java] bump log4j up to 2.17.0 version OK, log4j saga continues: 2.17.0 is the new shiny version to have once the recent security vulnerability CVE-2021-44228 has been fixed in 2.15.0. Without going into the details, let's just update to the most recent one to make various security scanners happy. Release notes for the new version of the package is available at [1]. This is a follow-up to a6079a063c8f38166d91956ad46a4ce695a08019 and ea67260aad998db7d34a94d25261e121a668faec. [1] https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.0 Change-Id: I8642063189ef7add4fc7b573008a4bfe7ac3d98b Reviewed-on: http://gerrit.cloudera.org:8080/18109 Reviewed-by: Attila Bukor <[email protected]> Tested-by: Kudu Jenkins (cherry picked from commit 84600f495e8cff24aa8794d7974d0b6fe77b95db) Conflicts: java/gradle/dependencies.gradle Reviewed-on: http://gerrit.cloudera.org:8080/18111 Tested-by: Alexey Serbin <[email protected]> --- M java/gradle/dependencies.gradle 1 file changed, 1 insertion(+), 1 deletion(-) Approvals: Attila Bukor: Looks good to me, approved Alexey Serbin: Verified -- To view, visit http://gerrit.cloudera.org:8080/18111 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: branch-1.14.x Gerrit-MessageType: merged Gerrit-Change-Id: I8642063189ef7add4fc7b573008a4bfe7ac3d98b Gerrit-Change-Number: 18111 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120)
