Wei-Chiu Chuang created HADOOP-18050: ----------------------------------------
Summary: Document Hadoop's stance on the log4jshell vulnerability Key: HADOOP-18050 URL: https://issues.apache.org/jira/browse/HADOOP-18050 Project: Hadoop Common Issue Type: Task Components: documentation Reporter: Wei-Chiu Chuang As of today, Hadoop relies on log4j-1, not log4j2. It is understood that the log4jshell vulnerability (CVE-2021-44228) does not impact log4j-1. Given the widespread attention to the incidence, we should make it clear that Hadoop is not susceptible to the attack. -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-dev-h...@hadoop.apache.org