[ https://issues.apache.org/jira/browse/JENA-2211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy Seaborne updated JENA-2211: -------------------------------- Fix Version/s: (was: Jena 4.4.0) > upgrade log4j2 from 2.14.1 to 2.15.0 > ------------------------------------ > > Key: JENA-2211 > URL: https://issues.apache.org/jira/browse/JENA-2211 > Project: Apache Jena > Issue Type: Dependency upgrade > Reporter: Øyvind Gjesdal > Assignee: Andy Seaborne > Priority: Critical > Fix For: Jena 4.3.1 > > > There is CVE 2021-4228 for log4j2. Not sure how it affects the the different > artifacts. https://github.com/advisories/GHSA-jfh8-c2jp-5v3q > -- This message was sent by Atlassian Jira (v8.20.1#820001)