To unsubscribe, see https://solr.apache.org/community.html#mailing-lists-chat
Jan
> 15. des. 2021 kl. 04:30 skrev John Eberly :
>
> unsubscribe
>
>
> On Mon, Dec 13, 2021 at 8:53 AM Walter Underwood
> wrote:
>
>> Zookeeper 3.5.7 uses log4j 1.x, so is not vulnerable. I checked.
>>
>> wunder
unsubscribe
On Mon, Dec 13, 2021 at 8:53 AM Walter Underwood
wrote:
> Zookeeper 3.5.7 uses log4j 1.x, so is not vulnerable. I checked.
>
> wunder
> Walter Underwood
> wun...@wunderwood.org
> http://observer.wunderwood.org/ (my blog)
>
> > On Dec 13, 2021, at 6:20 AM, Michael Conrad wrote:
> >
Zookeeper 3.5.7 uses log4j 1.x, so is not vulnerable. I checked.
wunder
Walter Underwood
wun...@wunderwood.org
http://observer.wunderwood.org/ (my blog)
> On Dec 13, 2021, at 6:20 AM, Michael Conrad wrote:
>
> I presume this also needs fixing for zookeeper nodes?
>
> On 12/10/21 13:44, Walter
Zookeeper has not yet migrated to log4j2. Even their latest releases
(3.6.3, 3.7.0) are still using version 1.2.17 of log4j.
So I would think that Zookeeper would be in the same situation as the
pre-7.4.0 Solr releases as described here:
https://solr.apache.org/security.html#apache-solr-affected-b
> On Dec 13, 2021, at 8:20 AM, Michael Conrad wrote:
>
> I presume this also needs fixing for zookeeper nodes?
Anything that logs with log4j.
