[
https://issues.apache.org/jira/browse/DATAFU-162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eyal Allweil updated DATAFU-162:
--------------------------------
Language: scala gradle
Description:
Although the [infamous Log4J
vulnerability|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832] is
not relevant for DataFu (we are dependent on log4j 1.x, which is not affected)
it is still a pretty good idea to upgrade to a new version.
The upgrade should keep our logs as similar as possible to the existing
version, but this shouldn't necessitate a major version release since this
isn't a breaking change.
We can start by fixing this for datafu-spark (we don't need to update the other
projects since they might be deprecated soon)
was:
Although the [infamous Log4J
vulnerability|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832] is
not relevant for DataFu (we are dependent on log4j 1.x, which is not affected)
it is still a pretty good idea to upgrade to a new version.
The upgrade should keep our logs as similar as possible to the existing
version, but this shouldn't necessitate a major version release since this
isn't a breaking change.
> Upgrade Log4j version
> ---------------------
>
> Key: DATAFU-162
> URL: https://issues.apache.org/jira/browse/DATAFU-162
> Project: DataFu
> Issue Type: Improvement
> Reporter: Eyal Allweil
> Priority: Major
> Labels: up-for-grabs
>
> Although the [infamous Log4J
> vulnerability|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832]
> is not relevant for DataFu (we are dependent on log4j 1.x, which is not
> affected) it is still a pretty good idea to upgrade to a new version.
> The upgrade should keep our logs as similar as possible to the existing
> version, but this shouldn't necessitate a major version release since this
> isn't a breaking change.
>
> We can start by fixing this for datafu-spark (we don't need to update the
> other projects since they might be deprecated soon)
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
