pjfanning opened a new issue, #6153:
URL: https://github.com/apache/texera/issues/6153

   Log4Shell is one of the most notorious security issues ever to affect OSS 
libs.
   Texera still ships log4j jars affected by this issue.
   https://github.com/search?q=repo%3Aapache%2Ftexera+log4j-1.2&type=code
   
   No log4j release for v1.2 exists that fixes log4shell. You can use reload4j 
as a drop-in replacement or upgrade so that you use up to date log4j 2.x jars.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to