Skip to content

Commit

Permalink
update log4j 2.17.1 (hyperledger#3225)
Browse files Browse the repository at this point in the history 
* update to log4j 2.17.1

Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
  • Loading branch information
@macfarla
macfarla authored Jan 3, 2022
1 parent 6b47c8f commit a890e42
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 4 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@

### Bug Fixes
- Make 'to' field optional in eth_call method according to the spec [#3177] (https://github.com/hyperledger/besu/pull/3177)
- Update to log4j 2.17.1. Resolves potential vulnerability only exploitable when using custom log4j configurations that are writable by untrusted users.

## 21.10.5

Expand Down
8 changes: 4 additions & 4 deletions gradle/versions.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,10 +112,10 @@ dependencyManagement {
dependency 'org.apache.commons:commons-compress:1.21'
dependency 'org.apache.commons:commons-text:1.9'

dependency 'org.apache.logging.log4j:log4j-api:2.17.0'
dependency 'org.apache.logging.log4j:log4j-core:2.17.0'
dependency 'org.apache.logging.log4j:log4j-jul:2.17.0'
dependency 'org.apache.logging.log4j:log4j-slf4j-impl:2.17.0'
dependency 'org.apache.logging.log4j:log4j-api:2.17.1'
dependency 'org.apache.logging.log4j:log4j-core:2.17.1'
dependency 'org.apache.logging.log4j:log4j-jul:2.17.1'
dependency 'org.apache.logging.log4j:log4j-slf4j-impl:2.17.1'

dependency 'org.apache.tuweni:tuweni-bytes:2.0.0'
dependency 'org.apache.tuweni:tuweni-config:2.0.0'
Expand Down

0 comments on commit a890e42

Please sign in to comment.