[
https://issues.apache.org/jira/browse/ZOOKEEPER-2342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17478588#comment-17478588
]
Sourabh Sarvotham Parkala commented on ZOOKEEPER-2342:
------------------------------------------------------
Hello Team,
There are even more high priority vulnerabilities being reported for log4j 1.x.
Hence, just checking in on any updates.
Lets us know.
Thanks
Sourabh
> Migrate to Log4J 2.
> -------------------
>
> Key: ZOOKEEPER-2342
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2342
> Project: ZooKeeper
> Issue Type: Bug
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
> Priority: Major
> Fix For: 3.8.0
>
> Attachments: ZOOKEEPER-2342.001.patch
>
>
> ZOOKEEPER-1371 removed our source code dependency on Log4J. It appears that
> this also removed the Log4J SLF4J binding jar from the runtime classpath.
> Without any SLF4J binding jar available on the runtime classpath, it is
> impossible to write logs.
> This JIRA investigated migration to Log4J 2 as a possible path towards
> resolving the bug introduced by ZOOKEEPER-1371. At this point, we know this
> is not feasible short-term. This JIRA remains open to track long-term
> migration to Log4J 2.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
