Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4452

Log4j 1.X CVE-2022-23302/5/7 vulnerabilities

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.8.0, 3.7.1, 3.6.4
    • security
    • None

    Description

      Some log4j 1.x vulnerabilities have been disclosed recently:   

      We would like to know if zookeeper is affected by these vulnerabilities ?

      Attachments

        Issue Links

        is related to

        Improvement - An improvement or enhancement to an existing feature or task. ZOOKEEPER-4427 Migrate to Logback

        • Major - Major loss of function.
        • Resolved
        relates to

        Improvement - An improvement or enhancement to an existing feature or task. ZOOKEEPER-4455 Move to https://reload4j.qos.ch/ (remove log4j1)

        • Blocker - Blocks development and/or testing work, production could not run
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            eolivelli Enrico Olivelli
            dominique Dominique Mongelli
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment