Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-36179

Bump log4j version

    XMLWordPrintableJSON

Details

    Description

      Bumping log4j to the latest version (2.23.1) - this will remediate a lot of vulnerabilities in dependant packages.

      Package details:

      1. https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-1.2-api/2.23.1
      2. https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-slf4j-impl/2.23.1
      3. https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-api/2.23.1
      4. https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/2.23.1

      Release notes:

      https://logging.apache.org/log4j/2.x/release-notes.html

       

      Lot of bug fixes has been done in the newer versions and I don't see any breaking changes as such.

       

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #877

          Activity

            People

              siddr Siddharth R
              siddr Siddharth R
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: