Mike Lothian created KAFKA-13660:
------------------------------------
Summary: Replace log4j with reload4j
Key: KAFKA-13660
URL: https://issues.apache.org/jira/browse/KAFKA-13660
Project: Kafka
Issue Type: Bug
Components: logging
Affects Versions: 3.0.0, 2.4.0
Reporter: Mike Lothian
Kafka is using a known vulnerable version of log4j, the reload4j project was
created by the code's original authors to address those issues. It is designed
as a drop in replacement without any api changes
I've raised a merge request, replacing log4j with reload4j, slf4j-log4j12 with
slf4j-reload4j and bumping the slf4j version
this is my first time contributing to the Kafka project and I'm not too
familiar with the process, I'll go back and amend my PR with this issue number
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
