(kafka) 01/02: MINOR: Update log4j2 to 2.24.3 (#19135)

Thu, 06 Mar 2025 14:28:55 -0800 

This is an automated email from the ASF dual-hosted git repository.

ijuma pushed a commit to branch 4.0
in repository https://gitbox.apache.org/repos/asf/kafka.git

commit 4ffe09d8d9b545732ad296a19a67d403781ff75c
Author: Ismael Juma <[email protected]>
AuthorDate: Thu Mar 6 09:11:29 2025 -0800

    MINOR: Update log4j2 to 2.24.3 (#19135)
    
    2.24.2 includes a critical fix:
    
    "This release fixes a critical bug in Log4j API initialization code,
    which can cause LogManager.getLogger() to return null under certain
    conditions. See https://github.com/apache/logging-log4j2/issues/3143 for
    details."
    
    2.24.3 includes an important fix for our usage:
    
    "Fix ConcurrentModificationException, if multiple threads modify loggers
    concurrently.
    This bug affects users that modify logger levels programmatically."
    
    Release notes:
    * https://github.com/apache/logging-log4j2/releases/tag/rel%2F2.24.2
    * https://github.com/apache/logging-log4j2/releases/tag/rel%2F2.24.3
    
    Reviewers: David Jacot <[email protected]>, Chia-Ping Tsai
    <[email protected]
---
 LICENSE-binary             | 8 ++++----
 gradle/dependencies.gradle | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/LICENSE-binary b/LICENSE-binary
index 4d86137e58d..030f62b9675 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -237,10 +237,10 @@ License Version 2.0:
 - jetty-session-12.0.15
 - jetty-util-12.0.15
 - jose4j-0.9.4
-- log4j-api-2.24.1
-- log4j-core-2.24.1
-- log4j-slf4j-impl-2.24.1
-- log4j-1.2-api-2.24.1
+- log4j-api-2.24.3
+- log4j-core-2.24.3
+- log4j-slf4j-impl-2.24.3
+- log4j-1.2-api-2.24.3
 - lz4-java-1.8.0
 - maven-artifact-3.9.6
 - metrics-core-2.2.0
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index 30fef6b0778..66eca369aa2 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -105,7 +105,7 @@ versions += [
   kafka_37: "3.7.2",
   kafka_38: "3.8.1",
   kafka_39: "3.9.0",
-  log4j2: "2.24.1",
+  log4j2: "2.24.3",
   // When updating lz4 make sure the compression levels in 
org.apache.kafka.common.record.CompressionType are still valid
   lz4: "1.8.0",
   mavenArtifact: "3.9.6",

Reply via email to