Sangita Nalkar created MESOS-10234:
--------------------------------------
Summary: CVE-2021-44228 Log4j vulnerability for apache mesos
Key: MESOS-10234
URL: https://issues.apache.org/jira/browse/MESOS-10234
Project: Mesos
Issue Type: Bug
Components: build
Affects Versions: 1.11.0
Reporter: Sangita Nalkar
Hi,
Wanted to know if CVE-2021-44228 Log4j vulnerability is affecting Apache mesos.
We see that log4j v1.2.17 is used while building apache mesos from source.
Snippet from build logs:
std=c++11 -MT jvm/org/apache/libjava_la-log4j.lo -MD -MP -MF
jvm/org/apache/.deps/libjava_la-log4j.Tpo -c ../../src/jvm/org/apache/log4j.cpp
-fPIC -DPIC -o jvm/org/apache/.libs/libjava_la-log4j.o
Thanks,
Sangita
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
