Uploaded image for project: 'Phoenix'
  1. Phoenix
  2. PHOENIX-6636

Replace bundled log4j libraries with reload4j

    XMLWordPrintableJSON

Details

    Description

      To reduce the number of dependecies with unresolved CVEs, replace the bundled log4j libraries with reload4j (https://reload4j.qos.ch/).
      This will also require bumping the slf4j version.

      This is a quick fix, and does not preclude moving to some different backend later (like log4j2 or logback)

      Attachments

        Issue Links

          causes

          Task - A task that needs to be done. PHOENIX-6697 log4j-reload4j is missing from phoenix-assembly

          • Major - Major loss of function.
          • Resolved
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. PHOENIX-6660 Ship reload4j in queryserver assembly

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #1379

          Web Link PR for Phoenix

          Activity

            People

              stoty Istvan Toth
              stoty Istvan Toth
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: