This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to tag release-0.8.0-fix-CVE-2021-45046
in repository https://gitbox.apache.org/repos/asf/pinot.git
commit e84d0d4f1f3d2f80be7be068a1a481bf0620336f
Author: Neha Pawar <neha.pawa...@gmail.com>
AuthorDate: Tue Dec 14 15:30:19 2021 -0800
Upgrade log4j to 2.16.0 for CVE-2021-45046 (#7903)
---
LICENSE-binary | 8 ++++----
pom.xml | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/LICENSE-binary b/LICENSE-binary
index a9ad999..e3bd47a 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -336,10 +336,10 @@ org.apache.httpcomponents:httpmime:4.5.3
org.apache.kafka:kafka-clients:2.0.0
org.apache.kafka:kafka_2.10:0.9.0.1
org.apache.kafka:kafka_2.11:2.0.0
-org.apache.logging.log4j:log4j-1.2-api:2.11.2
-org.apache.logging.log4j:log4j-api:2.11.2
-org.apache.logging.log4j:log4j-core:2.11.2
-org.apache.logging.log4j:log4j-slf4j-impl:2.11.2
+org.apache.logging.log4j:log4j-1.2-api:2.16.0
+org.apache.logging.log4j:log4j-api:2.16.0
+org.apache.logging.log4j:log4j-core:2.16.0
+org.apache.logging.log4j:log4j-slf4j-impl:2.16.0
org.apache.lucene:lucene-analyzers-common:8.2.0
org.apache.lucene:lucene-core:8.2.0
org.apache.lucene:lucene-queries:8.2.0
diff --git a/pom.xml b/pom.xml
index 42010e6..4ad5af9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -145,7 +145,7 @@
<snappy-java.version>1.1.1.7</snappy-java.version>
<zstd-jni.version>1.4.9-5</zstd-jni.version>
<lz4-java.version>1.7.1</lz4-java.version>
- <log4j.version>2.11.2</log4j.version>
+ <log4j.version>2.16.0</log4j.version>
<netty.version>4.1.54.Final</netty.version>
<reactivestreams.version>1.0.3</reactivestreams.version>
<jts.version>1.16.1</jts.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org
