[HIVE-25825] upgrade log4j 2.16.0 to 2.17.0+ due to CVE-2021-45105 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.0
Fix Version/s: 4.0.0-alpha-1
Component/s: Hive, Standalone Metastore
Labels:
- pull-request-available
- release-3.1.3

Target Version/s:

4.0.0

Description

upgrade log4j 2.16.0 to 2.17.0+ due to CVE-2021-45105

CVE - CVE-2021-45105 (mitre.org)：https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-25825.patch
20/Dec/21 13:44
2 kB
renjianting

Issue Links

depends upon

HIVE-25804 Update log4j2 version to 2.16.0 to incorporate further CVE-2021-44228 hardening

Closed

links to

GitHub Pull Request #2901

Activity

People

Assignee:: renjianting

Reporter:: renjianting

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Dec/21 12:39

Updated:: 17/Nov/22 08:48

Resolved:: 23/Dec/21 05:18

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

40m