[NIFI-9240] Upgrade Logback to 1.2.6 and SLF4J to 1.7.32 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.14.0
Fix Version/s: 1.15.0
Component/s: Core Framework, MiNiFi, NiFi Registry
Labels:
- dependency-upgrade

Description

Logback 1.2.6 includes internal configuration updates to avoid potential XML External Entity injection when parsing logback.xml as described in LOGBACK-1465. SLF4J 1.7.32 includes a minor update to the SLF4J Simple implementation to address potential concurrency issues as described in SLF4J-515. Both dependencies should be upgraded for all components.

Attachments

Issue Links

links to

GitHub Pull Request #5411

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Sep/21 17:20

Updated:: 24/Sep/21 09:08

Resolved:: 24/Sep/21 09:08

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h