Re: [VOTE] 3.1.0 RC1

Thanks David for running this release! I checked signatures and keys, built from source and ran unit tests with Java 11. I also ran the quickstart. +1 (binding) Thanks, Mickael On Wed, Jan 19, 2022 at 9:20 PM Bill Bejeck wrote: > > Hi David, > > Thanks for running the release! > > I did the fo

Kafka Log4j2.x upgrade plan

Hi Luke, We are using Kafka 2.8.1 Broker/Client system in our prod env. Due to the Log4j vulnerability CVE-2021-44228, CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105, we are waiting for kafka to upgrade to Log4j 2.17. Our Customers are asking why Kafka is using obsolete log4j1.x version. Ple

Re: Kafka Log4j2.x upgrade plan

Hi Deepak, So far, we don't have an ETA for log4j2. Please check this discussion: https://issues.apache.org/jira/browse/KAFKA-9366 Thank you. Luke On Fri, Jan 21, 2022 at 1:57 PM Deepak Jain wrote: > Hi Luke, > > We are using Kafka 2.8.1 Broker/Client system in our prod env. Due to the > Log4j