Luca Toscano created BIGTOP-3613: ------------------------------------ Summary: Review log4j configurations for CVE-2021-44228 Key: BIGTOP-3613 URL: https://issues.apache.org/jira/browse/BIGTOP-3613 Project: Bigtop Issue Type: Sub-task Affects Versions: 3.1.0 Reporter: Luca Toscano
Due to CVE-2021-44228, it would be great to avoid shipping 3.1 with the affected log4j versions, or alternatively to apply the workarounds to patch the issue (like -Dlog4j2.formatMsgNoLookups=true etc..) More info: https://github.com/advisories/GHSA-jfh8-c2jp-5v3q -- This message was sent by Atlassian Jira (v8.20.1#820001)