Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-67360

log4j dependency has critical vulnerability CVE-2021-44228 in Talend Plugin

XMLWordPrintable

    • Manual release 1.3

          [JENKINS-67360] log4j dependency has critical vulnerability CVE-2021-44228 in Talend Plugin

          Daniel Beck created issue -

          P Peters added a comment -

          The 1.3 version, just released has upgraded the dependency to log4j-core 2.15

          P Peters added a comment - The 1.3 version, just released has upgraded the dependency to log4j-core 2.15

          P Peters added a comment -

          Quickly updated the dependency in the tmc_rest_api to log4j-core 2.15. Didnt bump the version of that library.

          here is the commit https://github.com/TalendStuff/tmc_rest_api/commit/8c6e8c260f4c3148f943ecee7320008848ebc73a

           

          The release is uploaded and available.

          P Peters added a comment - Quickly updated the dependency in the tmc_rest_api to log4j-core 2.15. Didnt bump the version of that library. here is the commit https://github.com/TalendStuff/tmc_rest_api/commit/8c6e8c260f4c3148f943ecee7320008848ebc73a   The release is uploaded and available.
          P Peters made changes -
          Released As New: Manual release 1.3
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Daniel Beck made changes -
          Priority Original: Minor [ 4 ] New: Critical [ 2 ]

          Daniel Beck added a comment -

          I confirm the plugin now includes log4j 2.15.0.

          Good job, you're the first maintainer to react

          Daniel Beck added a comment - I confirm the plugin now includes log4j 2.15.0. Good job, you're the first maintainer to react
          Daniel Beck made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]
          Jenkins CERT Bot made changes -
          Labels Original: CVE-2021-44228 security New: CVE-2021-44228 jcabot:001 jcabot:002 security

            afkab P Peters
            danielbeck Daniel Beck
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: