My understanding is it only applies to log4j 2+ so we don’t need to do anything.
On Sun, Dec 12, 2021 at 8:46 PM Pralabh Kumar <pralabhku...@gmail.com> wrote: > Hi developers, users > > Spark is built using log4j 1.2.17 . Is there a plan to upgrade based on > recent CVE detected ? > > > Regards > Pralabh kumar > -- Twitter: https://twitter.com/holdenkarau Books (Learning Spark, High Performance Spark, etc.): https://amzn.to/2MaRAG9 <https://amzn.to/2MaRAG9> YouTube Live Streams: https://www.youtube.com/user/holdenkarau