svudutala-vmware edited a comment on pull request #7898: URL: https://github.com/apache/kafka/pull/7898#issuecomment-991209328
> Will this PR solve [CVE-2021-44228](https://github.com/advisories/GHSA-jfh8-c2jp-5v3q)? @soumiksamanta https://github.com/apache/kafka/blob/bd3038383265f7bb850c09fe0a74a48c5c2e6f99/gradle/dependencies.gradle#L78 should be upgraded to 2.15.0. log4j <= 2.14.0 all have this issue. Initially I thought log4j 1.x is not impacted but as per https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 it is. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
