My understanding is it only applies to log4j 2+ so we don’t need to do
anything.
On Sun, Dec 12, 2021 at 8:46 PM Pralabh Kumar
wrote:
> Hi developers, users
>
> Spark is built using log4j 1.2.17 . Is there a plan to upgrade based on
> recent CVE detected ?
>
>
> Regards
> Pralabh kumar
>
--
Check the CVE - the log4j vulnerability appears to affect log4j 2, not 1.x.
There was mention that it could affect 1.x when used with JNDI or SMS
handlers, but Spark does neither. (unless anyone can think of something I'm
missing, but never heard or seen that come up at all in 7 years in Spark)
Hi developers, users
Spark is built using log4j 1.2.17 . Is there a plan to upgrade based on
recent CVE detected ?
Regards
Pralabh kumar
github url please.
On 2021-12-13 01:06, sam smith wrote:
Hello guys,
I am replicating a paper's algorithm (graph coloring algorithm) in
Spark under Java, and thought about asking you guys for some
assistance to validate / review my 600 lines of code. Any volunteers
to share the code with ?
Hello guys,
I am replicating a paper's algorithm (graph coloring algorithm) in Spark
under Java, and thought about asking you guys for some assistance to
validate / review my 600 lines of code. Any volunteers to share the code
with ?
Thanks
