This is an automated email from the ASF dual-hosted git repository. zabetak pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push: new 9cfdac4 HIVE-25839: Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 (Hankó Gergely, weidongkl, reviewed by Stamatis Zampetakis) 9cfdac4 is described below commit 9cfdac44975bf38193de7449fc21b9536109daea Author: Hankó Gergely <gha...@cloudera.com> AuthorDate: Fri Jan 7 22:36:53 2022 +0100 HIVE-25839: Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 (Hankó Gergely, weidongkl, reviewed by Stamatis Zampetakis) Co-authored-by: weidongkl <weid...@uniontech.com> Closes #2930 Closes #2912 --- pom.xml | 2 +- standalone-metastore/pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 911b6cf..2f1b38b 100644 --- a/pom.xml +++ b/pom.xml @@ -178,7 +178,7 @@ <!-- Leaving libfb303 at 0.9.3 regardless of libthrift: As per THRIFT-4613 The Apache Thrift project does not publish items related to fb303 at this point --> <libfb303.version>0.9.3</libfb303.version> <libthrift.version>0.14.1</libthrift.version> - <log4j2.version>2.17.0</log4j2.version> + <log4j2.version>2.17.1</log4j2.version> <mariadb.version>2.5.0</mariadb.version> <mssql.version>6.2.1.jre8</mssql.version> <mysql.version>8.0.27</mysql.version> diff --git a/standalone-metastore/pom.xml b/standalone-metastore/pom.xml index ed9b45c..e16d162 100644 --- a/standalone-metastore/pom.xml +++ b/standalone-metastore/pom.xml @@ -91,7 +91,7 @@ <junit.vintage.version>5.6.2</junit.vintage.version> <libfb303.version>0.9.3</libfb303.version> <libthrift.version>0.14.1</libthrift.version> - <log4j2.version>2.17.0</log4j2.version> + <log4j2.version>2.17.1</log4j2.version> <mockito-core.version>3.3.3</mockito-core.version> <orc.version>1.6.9</orc.version> <!-- com.google repo will be used except on Aarch64 platform. -->