Dear Spark support, Due to the known log4j security issue, we are required to upgrade log4j version to 2.17.1. Currently, we use Spark3.1.2 with default log4j 1.2.17. Also we found log4j configuration document here: https://spark.apache.org/docs/3.2.0/configuration.html#configuring-logging
Our questions: Does Spark 3.1.2 support log4j v2.17.1? how to upgrade log4j from 1.* to 2.17.1 in Spark? would you pls help to provide guidance? If Spark 3.1.2 doesn't support log4j v2.17.1, then how about Spark 3.2? pls also help to provide guidance, thanks! We found Spark 3.3 will support log4j migrate from 1 to 2 in this ticket: https://issues.apache.org/jira/browse/SPARK-37814 , also I noticed all sub-tasks are done except one. it's awesome! would you pls help to advise your target release day? if it's in very near future, like Jan, maybe we can wait for 3.3. BTW, as log4j issue is very popular security issue, it's better if Spark team could post the solution directly in security page ( https://spark.apache.org/security.html) to benefit end user. Anyway, thank you so much for providing such a powerful tool for us, and thanks for your patience to read and reply this mail. Have a good day! Juan Liu (刘娟) PMP® Release Management, Watson Health, China Development Lab Email: liuj...@cn.ibm.com Phone: 86-10-82452506
