Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure log4j v2 at least 2.15.0 #1998

Closed
benedeki opened this issue Dec 12, 2021 · 0 comments
Closed

Ensure log4j v2 at least 2.15.0 #1998

benedeki opened this issue Dec 12, 2021 · 0 comments
Assignees
@benedeki
Labels
Conformance Conformance Job affected Menas Menas component affected priority: high Critical to the health of the project security Relates to application security Standardization Standardization Job affected

Comments

@benedeki
Copy link
Collaborator

Some imported dependencies bring in log4j v 2.x Ensure that at least 2.15 is part of the project.
@benedeki benedeki added bug Something isn't working security Relates to application security priority: high Critical to the health of the project labels Dec 12, 2021
@benedeki benedeki self-assigned this Dec 12, 2021
@benedeki benedeki added Conformance Conformance Job affected Menas Menas component affected Standardization Standardization Job affected and removed bug Something isn't working labels Dec 12, 2021
benedeki added a commit that referenced this issue Dec 12, 2021
@benedeki
#1998: Ensure log4j v2 at least 2.15.0
d9b629a 
* Menas gets log4j via Spring, explicitly imported to ensure 2.15 is used
* Upgraded Hyperdrive in SparkJobs which already uses log4j 2.15
@benedeki benedeki mentioned this issue Dec 12, 2021
Merged
benedeki added a commit that referenced this issue Dec 12, 2021
@benedeki
#1998: Ensure log4j v2 at least 2.15.0 (#1999)
1d7576b 
* Menas gets log4j via Spring, explicitly imported to ensure 2.15 is used
* Upgraded Hyperdrive in SparkJobs which already uses log4j 2.15
benedeki added a commit that referenced this issue Dec 12, 2021
@benedeki
#1998: Ensure log4j v2 at least 2.15.0
b2f0094 
* Menas gets log4j via Spring, explicitly imported to ensure 2.15 is used
* Upgraded Hyperdrive in SparkJobs which already uses log4j 2.15
@benedeki benedeki mentioned this issue Dec 12, 2021
Merged
benedeki added a commit that referenced this issue Dec 12, 2021
@benedeki
#1998: Ensure log4j v2 at least 2.15.0 (#2000)
39a27f5 
* Menas gets log4j via Spring, explicitly imported to ensure 2.15 is used
* Upgraded Hyperdrive in SparkJobs which already uses log4j 2.15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@benedeki benedeki

Labels
Conformance Conformance Job affected Menas Menas component affected priority: high Critical to the health of the project security Relates to application security Standardization Standardization Job affected
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@benedeki