Hello: Nifi 1.16.1 included upgrading to zookeeper 3.5.9, which uses log4j 1.2.17 (NIFI-9955). My client currently has an external zookeeper 3.5.8 deployed, it uses log4j 1.2.17, and it has been flagged to upgrade due to the log4j CVE. I originally thought that log4j 1.x versions were not affected, but I may have over-simplified the logic. Ref: https://www.petefreitag.com/item/926.cfm <https://www.petefreitag.com/item/926.cfm> (no affiliation). It appears that zookeeper 3.5.9 is going to EOL in June 2022. Are there plans to upgrade to zookeeper 3.7.0 or later?
Thanks, Greg
