1.2.17 is from the old 1.0 branch and not affected by CVE-2021-44228.
Versions 1.* never had the JNDI lookup code.
It is only log4j 2 that is vulnerable. Fixed in 2.15 and an enhanced fix in
2.16.
/Markus
On 16 Dec 2021 at 17:39:44, Jack Park wrote:
> The pom.xml says log4j is version 1.2.17 w
SNAPSHOT is Maven’s name for bleeding edge, not a point in time release.
/Markus
> 6 nov. 2018 kl. 18:29 skrev Paul Brenner :
>
> We are getting anxious to take advantage of some of the features in 0.9.
> Months ago there was some mention of a new release coming soon but I guess
> that lost
Hi Treble,
You have to add the CDH Maven repo to your ~/.m2/settings.xml
https://www.cloudera.com/documentation/enterprise/release-notes/topics/cdh_vd_cdh5_maven_repo.html
regards,
Markus
2017-10-18 8:15 GMT+02:00 mengmeng.m...@mathartsys.com <
mengmeng.m...@mathartsys.com>:
> Hi,
>I'm a
In my experience it's easier to front with a nginx reverse proxy.
https://zeppelin.apache.org/docs/0.7.3/security/authentication.html
/Markus
2017-09-28 13:37 GMT+02:00 Michael Segel :
> Hi,
>
> While I have 7.3 set up on my mac and it works fine for local use (
> http://127.0.0.1:8080) I want
