[JENA-2224] Upgrade to log4j 2.17.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: Jena 4.3.2
Fix Version/s: Jena 4.4.0
Component/s: Cmd line tools, Fuseki
Labels:
None

Description

https://nvd.nist.gov/vuln/detail/CVE-2021-45105
https://logging.apache.org/log4j/2.x/security.html

This only happens if you change the logging pattern.
As released Fuseki and command line tools do not use the pattern feature involved in CVE-2021-45105.

Attachments

Issue Links

links to

GitHub Pull Request #1136

Activity

People

Assignee:: Andy Seaborne

Reporter:: Andy Seaborne

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Dec/21 16:46

Updated:: 02/Feb/22 19:31

Resolved:: 19/Dec/21 12:15