[jira] [Created] (HADOOP-18050) Document Hadoop's stance on the log4jshell vulnerability

Wei-Chiu Chuang (Jira) Fri, 17 Dec 2021 05:52:06 -0800

Wei-Chiu Chuang created HADOOP-18050:
----------------------------------------


             Summary: Document Hadoop's stance on the log4jshell vulnerability
                 Key: HADOOP-18050
                 URL: https://issues.apache.org/jira/browse/HADOOP-18050
             Project: Hadoop Common
          Issue Type: Task
          Components: documentation
            Reporter: Wei-Chiu Chuang


As of today, Hadoop relies on log4j-1, not log4j2. It is understood that the 
log4jshell vulnerability (CVE-2021-44228) does not impact log4j-1. Given the 
widespread attention to the incidence, we should make it clear that Hadoop is 
not susceptible to the attack.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (HADOOP-18050) Document Hadoop's stance on the log4jshell vulnerability

Reply via email to