Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-25824

Upgrade branch-2.3 to log4j 2.17.0

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.3.8
    • 2.3.10
    • None
    • Reviewed

    Description

      Hi everybody,

      I am wondering if there are any plans to upgrade branch-2.3 to log4j 2.17.0 as it was done in HIVE-25795 (and related).

      In Apache Bigtop we created https://github.com/apache/bigtop/pull/844, since the one before the last release (Bigtop 1.5.0) shipped Hive 2.3.6.

      I can try to file a pull request for branch-2.3 adapting what was done for Bigtop (if the branch is still maintained), but I am currently experiencing some mvn package failures (that seem unrelated to log4j) so I'd need some help for you in case

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-25795 [CVE-2021-44228] Update log4j2 version to 2.15.0

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          links to

          Web Link GitHub Pull Request #2908

          Activity

            People

              elukey Luca Toscano
              elukey Luca Toscano
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 2h 40m
                  2h 40m