emveee commented on pull request #7898: URL: https://github.com/apache/kafka/pull/7898#issuecomment-876773034
> @priyavj08 I'm sorry that I can't be certain. But as far as I know, any project with log4j 1.2.7 is not safe. (It is why I have been working on this issue.) > > +1. I also released 2.6.1 backport. > > * working branch: [kafka-2.6+log4j2](https://github.com/dongjinleekr/kafka/tree/kafka-2.6%2Blog4j2) > * custom build distribution: [kafka_2.13-2.6.1+log4j2-0.tgz](https://drive.google.com/file/d/1PfFaUj0UAN9CpfBN52BCBF-W0UNB3EWT/view?usp=sharing) > * 2.6.1 patch: [kafka-2.6.1+log4j2-0.patch](https://drive.google.com/file/d/1KQgRqYtLaL65lrHz4SiuSiZ7FOAQ4Xxv/view?usp=sharing) Do you have a patch that will work with 2.8.0? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org