pjfanning opened a new issue, #6153: URL: https://github.com/apache/texera/issues/6153
Log4Shell is one of the most notorious security issues ever to affect OSS libs. Texera still ships log4j jars affected by this issue. https://github.com/search?q=repo%3Aapache%2Ftexera+log4j-1.2&type=code No log4j release for v1.2 exists that fixes log4shell. You can use reload4j as a drop-in replacement or upgrade so that you use up to date log4j 2.x jars. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
