Zookeeper 3.5.7 uses log4j 1.x, so is not vulnerable. I checked. wunder Walter Underwood wun...@wunderwood.org http://observer.wunderwood.org/ (my blog)
> On Dec 13, 2021, at 6:20 AM, Michael Conrad <mich...@newsrx.com> wrote: > > I presume this also needs fixing for zookeeper nodes? > > On 12/10/21 13:44, Walter Underwood wrote: >> Does all Solr logging go through slf4j? If so, that should protect against >> this vulnerability. >> >> If not, who has tested Solr with log4j 2.15.1? >> >> We are running 8.8.2. >> >> wunder >> Walter Underwood >> wun...@wunderwood.org >> http://observer.wunderwood.org/ (my blog) >> >>
