[jira] [Updated] (HIVE-25839) Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832

Stamatis Zampetakis (Jira) Mon, 10 Jan 2022 03:24:06 -0800


     [ 
https://issues.apache.org/jira/browse/HIVE-25839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Stamatis Zampetakis updated HIVE-25839:
---------------------------------------
    Fix Version/s: 4.0.0
       Resolution: Fixed
           Status: Resolved  (was: Patch Available)

Fixed in 
https://github.com/apache/hive/commit/9cfdac44975bf38193de7449fc21b9536109daea. 
Thanks for the PRs [~ghanko], [~weidong]!

> Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> ----------------------------------------------
>
>                 Key: HIVE-25839
>                 URL: https://issues.apache.org/jira/browse/HIVE-25839
>             Project: Hive
>          Issue Type: Bug
>    Affects Versions: 3.1.2
>            Reporter: weidong
>            Assignee: Hankó Gergely
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 4.0.0
>
>         Attachments: HIVE-25839.1.patch
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> High security vulnerability in Log4J - CVE-2021-44832 bundled with Hive



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (HIVE-25839) Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832

Reply via email to