[SPARK-37630] Security issue from Log4j 1.X exploit - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Duplicate
Affects Version/s: 2.4.8, 3.2.0
Fix Version/s: None
Component/s: Spark Core
Labels:
- security

Description

log4j is being used in version 1.2.17]

This version has been deprecated and since then have a known issue that hasn't been adressed in 1.X versions.

Solution:

Upgrade log4j to version 2.15.0 which correct all known issues. Last known issues

Attachments

Issue Links

duplicates

SPARK-6305 Add support for log4j 2.x to Spark

Resolved

relates to

SPARK-6305 Add support for log4j 2.x to Spark

Resolved

SPARK-37625 update log4j to 2.15

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Ismail H

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 13/Dec/21 15:27

Updated:: 21/Feb/22 21:40

Resolved:: 15/Dec/21 00:09