Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade log4j-core version to fix vulnerability (CVE-2021-44832) #625

Merged
merged 1 commit into from
Dec 29, 2021
Merged

Upgrade log4j-core version to fix vulnerability (CVE-2021-44832) #625

merged 1 commit into from
Dec 29, 2021

Conversation

KRAhn
Copy link
Contributor

@KRAhn KRAhn commented Dec 29, 2021

Before contributing, please read our contributing guidelines and code of conduct.

Overview

Upgrade log4j-core version to fix vulnerability (CVE-2021-44832)
See More

Related Github Issue

#624

@CLAassistant
Copy link

CLAassistant commented Dec 29, 2021
edited
Loading

CLA assistant check
All committers have signed the CLA.

@Goliathtom
Copy link

related Issue

Goliathtom
Goliathtom approved these changes Dec 29, 2021
View reviewed changes
Copy link

@Goliathtom Goliathtom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ranma2913
Copy link

@barbnewrelic @rvanderwal-newrelic Please Merge and Release ASAP

@barbnewrelic
Copy link

This is fine by me, but the checks are still running, and it says I am not authorized to merge this PR. I think someone on Java agent team would need to merge this PR once the checks finish. Hope this helps!

@ranma2913
Copy link

Yeah I was actually wishing there was a code owners file or at least an organization team that we could tag. I don't know individuals who are the managers of this.

@meiao meiao merged commit 0740e7c into newrelic:main Dec 29, 2021
@meiao meiao linked an issue Dec 30, 2021 that may be closed by this pull request
Upgrade log4j-core version as 2.17.1 to fix CVE-2021-44832 #624
Closed
1 task
@meiao
Copy link
Contributor

meiao commented Dec 30, 2021

This will be part of our scheduled 7.5.0 release.
https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-03/

@KRAhn KRAhn deleted the issue-624 branch December 31, 2021 03:53
@kford-newrelic kford-newrelic added this to Triage in Java Engineering Board via automation Jan 5, 2022
@kford-newrelic kford-newrelic moved this from Triage to Done in Java Engineering Board Jan 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meiao meiao meiao approved these changes

@limsangjin12 limsangjin12 limsangjin12 approved these changes

@ranma2913 ranma2913 ranma2913 approved these changes

@Goliathtom Goliathtom Goliathtom approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Java Engineering Board
Archived in project
Java Engineering Board
  
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade log4j-core version as 2.17.1 to fix CVE-2021-44832
7 participants
@KRAhn @CLAassistant @Goliathtom @ranma2913 @barbnewrelic @meiao @limsangjin12