4835d402f1
The Log4j version was bumped on GitHub [1] but it is still pending
inclusion in a release of Apache Storm.
Apply the alternative mitigation recommended by Log4j [2] of removing
the JndiLookup class from the classpath.
[1] https://github.com/apache/storm/pull/3427
[2] https://logging.apache.org/log4j/2.x/security.html
Change-Id: Ib3ecd73f9e39e320acb2c5f0962b8af9b1a817e9
(cherry picked from commit
|
||
---|---|---|
.. | ||
Dockerfile.j2 | ||
extend_start.sh |