r-sidd opened a new pull request, #877: URL: https://github.com/apache/flink-kubernetes-operator/pull/877
Bumping **log4j** to the latest version (2.23.1) - this will remediate a lot of vulnerabilities in dependant packages. **Package details:** https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-1.2-api/2.23.1 https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-slf4j-impl/2.23.1 https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-api/2.23.1 https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/2.23.1 **Release notes:** https://logging.apache.org/log4j/2.x/release-notes.html Lot of bug fixes has been done in the newer versions and I don't see any breaking changes as such. ## Does this pull request potentially affect one of the following parts: - Dependencies (does it add or upgrade a dependency): yes ## Documentation - Does this pull request introduce a new feature? no -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
