[jira] [Created] (SOLR-15900) Upgrade log4j to 2.17.1

Rahul Verma (Jira) Fri, 07 Jan 2022 01:39:05 -0800

Rahul Verma created SOLR-15900:
----------------------------------

             Summary: Upgrade log4j to 2.17.1
                 Key: SOLR-15900
                 URL: https://issues.apache.org/jira/browse/SOLR-15900
             Project: Solr
          Issue Type: Task
      Security Level: Public (Default Security Level. Issues are Public)
          Components: logging
    Affects Versions: 8.11.1
            Reporter: Rahul Verma



We should update to Log4j 2.17.1 to address 
[CVE-2021-44832|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832]: 
Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls 
configuration.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

[jira] [Created] (SOLR-15900) Upgrade log4j to 2.17.1

Reply via email to