Update log4j to 2.17 - Githubissues

Netflix / genie

Distributed Big Data Orchestration Service

https://netflix.github.io/genie

Apache License 2.0

1.71k stars 367 forks source link

Update log4j to 2.17 #1134

Closed loganaden closed 2 years ago

loganaden commented 2 years ago

This fixes this security issue: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105

coveralls commented 2 years ago

Coverage remained the same at 93.781% when pulling af836bee287e1c686ca232e83a6e3fa65062ba85 on cyberstormdotmu:master into dabb78c3a898542d159802dc0e8de268074a7f1c on Netflix:master.

tgianos commented 2 years ago

Thanks @loganaden but looks like by now we should be on 2.17.1 as there is still a vulnerability on 2.17.0. I'll upgrade to that in separate PR.