Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4451

vulnerable version of log4j (1.2.15/12.16) is being used in Zookeeper

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Duplicate
    • None
    • None
    • None
    • None

    Description

      Even the latest version of Zookeeper (3.7.0) is still using the vulnerable version of log4j

      log4j-1.2.15.jar

      log4j-1.2.16.jar

       

      We require apache Zookeeper tar with the Fix version of log4j (2.17.1)

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. ZOOKEEPER-4427 Migrate to Logback

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              nagalnag Nagalakshmi Nagaraj
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: