Google Git
Sign in
apache / kudu / refs/heads/branch-1.13.x
commite415f39300fd85dbc786ed941e7b535231c62f9a[log] [tgz]
authorAlexey Serbin <alexey@apache.org>Fri Dec 10 11:59:32 2021 -0800
committerAlexey Serbin <aserbin@cloudera.com>Tue Dec 14 19:04:37 2021 +0000
tree59b0236af780a16059ed7f50ad6e0d2a16e4bd1d
parent519e50faeded50d9f5bdda99627bdafe765f9480 [diff]
[java] bump log4j up to 2.15.0 version

Kudu doesn't use Java for the server-side components, but to keep
various security scanners happy regarding the recent security
vulnerabilities like [1], let's update the log4j package up to the
recently released 2.15.0 version (2021-12-06).  Release notes for the
new version of the package is available at [2].

[1] https://logging.apache.org/log4j/2.x/security.html
[2] https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0

Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff
Reviewed-on: http://gerrit.cloudera.org:8080/18084
Reviewed-by: Andrew Wong <awong@cloudera.com>
Reviewed-by: Greg Solovyev <gsolovyev@cloudera.com>
Tested-by: Kudu Jenkins
(cherry picked from commit 44e517519e1507eafe58bd9179940160e6934079)
  Conflicts:
    java/gradle/dependencies.gradle
Reviewed-on: http://gerrit.cloudera.org:8080/18089
Reviewed-by: Alexey Serbin <aserbin@cloudera.com>
Reviewed-by: Bankim Bhavsar <bankim@cloudera.com>
Tested-by: Alexey Serbin <aserbin@cloudera.com>
1 file changed
tree: 59b0236af780a16059ed7f50ad6e0d2a16e4bd1d
  1. build-support/
  2. cmake_modules/
  3. docker/
  4. docs/
  5. examples/
  6. java/
  7. kubernetes/
  8. python/
  9. src/
  10. thirdparty/
  11. www/
  12. .dockerignore
  13. .gitignore
  14. .ycm_extra_conf.py
  15. CMakeLists.txt
  16. CONTRIBUTING.adoc
  17. LICENSE.txt
  18. NOTICE.txt
  19. README.adoc
  20. RELEASING.adoc
  21. version.txt