kafka-connect-elasticsearch icon indicating copy to clipboard operation
kafka-connect-elasticsearch copied to clipboard

Published 20 hours ago verified publisher icon confluentinc

log4j dependency should be updated to 2.17.1

Open dbschwartz opened this issue 2 years ago • 0 comments

See https://logging.apache.org/log4j/2.x/security.html

log4j 16.0 is still susceptible to log4shell (although to a lesser scale). The vulnerability is fixed in log4j 2.17.1

Can this be updated?

Thank you

dbschwartz avatar Jan 10 '22 21:01 dbschwartz