viktorsomogyi commented on PR #21452: URL: https://github.com/apache/kafka/pull/21452#issuecomment-3944284674
@omkreddy this is a very good point you raise. I've tried to reproduce this with Connect standalone, however I can't really see it. Debug logging seems to work fine with Jetty. Did you have a more nuanced example? Would you mind sharing it? Looking at the CVE though it seems like Jetty 12.0.22 already has this fix too. If proves necessary, on the 4.1 and 4.0 branches I think we can still revert these changes as it seems like the least invasive change to avoid any more regressions. While a revert provides a quick relief on trunk, the underlying problem there may be bigger as slf4j1 could possibly prevent us from applying security fixes in some libraries. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
