This is an automated email from the ASF dual-hosted git repository. alexey pushed a commit to branch branch-1.14.x in repository https://gitbox.apache.org/repos/asf/kudu.git
commit 206d269387edcd1d34a3f31f4b90ed6620a6f1de Author: Alexey Serbin <ale...@apache.org> AuthorDate: Fri Dec 10 11:59:32 2021 -0800 [java] bump log4j up to 2.15.0 version Kudu doesn't use Java for the server-side components, but to keep various security scanners happy regarding the recent security vulnerabilities like [1], let's update the log4j package up to the recently released 2.15.0 version (2021-12-06). Release notes for the new version of the package is available at [2]. [1] https://logging.apache.org/log4j/2.x/security.html [2] https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0 Change-Id: Ib7317447f24916795d8f00e3f6c418707c7fd4ff Reviewed-on: http://gerrit.cloudera.org:8080/18084 Reviewed-by: Andrew Wong <aw...@cloudera.com> Reviewed-by: Greg Solovyev <gsolov...@cloudera.com> Tested-by: Kudu Jenkins (cherry picked from commit 44e517519e1507eafe58bd9179940160e6934079) Conflicts: java/gradle/dependencies.gradle Reviewed-on: http://gerrit.cloudera.org:8080/18087 Reviewed-by: Alexey Serbin <aser...@cloudera.com> Tested-by: Alexey Serbin <aser...@cloudera.com> --- java/gradle/dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/gradle/dependencies.gradle b/java/gradle/dependencies.gradle index 10aef8b..09f9221 100755 --- a/java/gradle/dependencies.gradle +++ b/java/gradle/dependencies.gradle @@ -46,7 +46,7 @@ versions += [ jmh : "1.27", jsr305 : "3.0.2", junit : "4.13.1", - log4j : "2.14.0", + log4j : "2.15.0", micrometer : "1.6.2", mockito : "3.6.28", murmur : "1.0.0",