[JCLOUDS-1601] upgrade log4j due to security issue - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0
Fix Version/s: 2.6.0
Component/s: jclouds-core
Labels:
None

Description

There is a CVE against v2.17.0

https://github.com/apache/jclouds/blob/master/project/pom.xml#L239

https://logging.apache.org/log4j/2.x/security.html

Also, logback version is old (next line in pom)

https://mvnrepository.com/artifact/ch.qos.logback/logback-core

Attachments

Activity

People

Assignee:: Andrew Gaul

Reporter:: PJ Fanning

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 30/Mar/22 13:05

Updated:: 18/Apr/22 13:08

Resolved:: 18/Apr/22 13:08