[
https://issues.apache.org/jira/browse/HIVE-25795?focusedWorklogId=697132&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-697132
]
ASF GitHub Bot logged work on HIVE-25795:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 16/Dec/21 08:28
Start Date: 16/Dec/21 08:28
Worklog Time Spent: 10m
Work Description: brahmareddybattula commented on pull request #2863:
URL: https://github.com/apache/hive/pull/2863#issuecomment-995548577
> @guptanikhil007 thank you for this change, are you planning a fix for 2.x
and 3.x? This fix is applied to 4.x which has not been released.
Looks PR is raised for branch-3. (#2869 ) . I will link this PR to jira so
that it will be known.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 697132)
Time Spent: 4.5h (was: 4h 20m)
> [CVE-2021-44228] Update log4j2 version to 2.15.0
> ------------------------------------------------
>
> Key: HIVE-25795
> URL: https://issues.apache.org/jira/browse/HIVE-25795
> Project: Hive
> Issue Type: Bug
> Components: Logging
> Affects Versions: 3.1.2, 4.0.0
> Reporter: Nikhil Gupta
> Assignee: Nikhil Gupta
> Priority: Critical
> Labels: pull-request-available
> Fix For: 4.0.0
>
> Time Spent: 4.5h
> Remaining Estimate: 0h
>
> [Worst Apache Log4j RCE Zero day Dropped on Internet - Cyber
> Kendra|https://www.cyberkendra.com/2021/12/worst-log4j-rce-zeroday-dropped-on.html]
> Vulnerability:
> https://github.com/apache/logging-log4j2/commit/7fe72d6
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
