Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug]Avoid the security risks of log4j package #1958

Closed
2 tasks done
healchow opened this issue Dec 13, 2021 · 0 comments · Fixed by #1962 or #2005
Closed
2 tasks done

[Bug]Avoid the security risks of log4j package #1958

healchow opened this issue Dec 13, 2021 · 0 comments · Fixed by #1962 or #2005
Assignees
Labels
Milestone

Comments

@healchow
Copy link
Member

What happened

Log4j has the security risk of remote code execution.

see: https://issues.apache.org/jira/projects/LOG4J2/issues/LOG4J2-3201

What you expected to happen

upgrade log4j jar, or add JVM params to avoid the problem.

How to reproduce

see: https://issues.apache.org/jira/projects/LOG4J2/issues/LOG4J2-3201

Environment

No response

InLong version

master

InLong Component

InLong Manager, InLong Agent, InLong DataProxy, InLong DataProxy-SDK, InLong TubeMQ, InLong Sort

Are you willing to submit PR?

  • Yes, I am willing to submit a PR!

Code of Conduct

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment