Nikita Pande created HBASE-28532: ------------------------------------ Summary: remove vulnerable slf4j-log4j12 dependency Key: HBASE-28532 URL: https://issues.apache.org/jira/browse/HBASE-28532 Project: HBase Issue Type: Improvement Reporter: Nikita Pande
slf4j-log4j12 is a bridge from SLF4J to Log4j 1.x. Since log4j 1.x is vulnerable , so this needs to be removed. It is to be replaced with the log4j-slf4j-impl dependency, which is a bridge from SLF4J to Log4j 2.x. -- This message was sent by Atlassian Jira (v8.20.10#820010)