[jira] [Created] (HBASE-28532) remove vulnerable slf4j-log4j12 dependency

Nikita Pande (Jira) Wed, 17 Apr 2024 06:26:58 -0700

Nikita Pande created HBASE-28532:
------------------------------------

             Summary: remove vulnerable slf4j-log4j12 dependency
                 Key: HBASE-28532
                 URL: https://issues.apache.org/jira/browse/HBASE-28532
             Project: HBase
          Issue Type: Improvement
            Reporter: Nikita Pande



slf4j-log4j12 is a bridge from SLF4J to Log4j 1.x.

Since log4j 1.x is vulnerable , so this needs to be removed.

 

It is to be replaced with the log4j-slf4j-impl dependency, which is a bridge 
from SLF4J to Log4j 2.x.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (HBASE-28532) remove vulnerable slf4j-log4j12 dependency

Reply via email to