[jira] [Resolved] (KAFKA-13729) Kafka Core Components and other projects (like broker) using older version of the log4j 1.x, need to update 2.x

Mickael Maison (Jira) Fri, 11 Mar 2022 03:29:05 -0800


     [ 
https://issues.apache.org/jira/browse/KAFKA-13729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Mickael Maison resolved KAFKA-13729.
------------------------------------
    Fix Version/s:     (was: 2.4.1)
       Resolution: Duplicate

> Kafka Core Components and other projects (like broker) using older version of 
> the log4j 1.x, need to update 2.x
> ---------------------------------------------------------------------------------------------------------------
>
>                 Key: KAFKA-13729
>                 URL: https://issues.apache.org/jira/browse/KAFKA-13729
>             Project: Kafka
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.4.1
>         Environment: Production
>            Reporter: viswateja.satrapu
>            Priority: Major
>              Labels: log4j2
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Hi Team, 
>  
> We were using Apache Kafka, to handle message transfer. Now in the security 
> audit, we got vulnerability, due to Apache Kafka core and other projects were 
> using the older log4j versions 1.x. 
> You Guys need to update the log4j version from 1.x to 2.x in  Core and other 
> subprojects of Kafka. Can you please help us, to fix that vulnerability,  
> otherwise can you please share Guide us to upgrade that version from log4j  
> 1.x to log4j 2.x



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (KAFKA-13729) Kafka Core Components and other projects (like broker) using older version of the log4j 1.x, need to update 2.x

Reply via email to