Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(Templates): Upgrade log4j in aws-kotlin-jvm-gradle #10382

Merged
merged 3 commits into from Dec 17, 2021
Merged

fix(Templates): Upgrade log4j in aws-kotlin-jvm-gradle #10382

merged 3 commits into from Dec 17, 2021

Conversation

varun73
Copy link
Contributor

@varun73 varun73 commented Dec 16, 2021
edited

Fixes added to log4j to address the zero day attack vulnerability.
Closes: #10370

@varun73 varun73 changed the title git comit -m 'fix(Plugins): Upgrade log4j to version 2.16.0' fix(Plugins): Upgrade log4j to version 2.16.0 Dec 16, 2021
@pgrzesik
Copy link
Contributor

Hello @varun73, thanks a lot - would you be interested in addressing this upgrade in all existing templates as described in #10370 ?

@codecov
Copy link

codecov bot commented Dec 16, 2021
edited

Codecov Report

Merging #10382 (b036f42) into master (729196f) will not change coverage.
The diff coverage is n/a.

❗ Current head b036f42 differs from pull request most recent head 4f1c4b0. Consider uploading reports for the commit 4f1c4b0 to get more accurate results
Impacted file tree graph

@@           Coverage Diff           @@
##           master   #10382   +/-   ##
=======================================
  Coverage   85.38%   85.38%           
=======================================
  Files         340      340           
  Lines       14004    14004           
=======================================
  Hits        11957    11957           
  Misses       2047     2047

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 729196f...4f1c4b0. Read the comment docs.

@varun73
Copy link
Contributor Author

varun73 commented Dec 17, 2021

Hello @varun73, thanks a lot - would you be interested in addressing this upgrade in all existing templates as described in #10370 ?

Sure, I'll add the changes to upgrade aws-lambda-java-log4j2 version.

@varun73 varun73 changed the title fix(Plugins): Upgrade log4j to version 2.16.0 fix(Plugins): Upgrade log4j to version 2.16.0 , Upgrade aws-lambda-java-log4j2 version to 1.4.0 Dec 17, 2021
@varun73
Copy link
Contributor Author

varun73 commented Dec 17, 2021
edited

aws-lambda-java-log4j2 change reverted as it conflicted with another PR.

@varun73 varun73 changed the title fix(Plugins): Upgrade log4j to version 2.16.0 , Upgrade aws-lambda-java-log4j2 version to 1.4.0 fix(Plugins): Upgrade log4j to version 2.16.0 Dec 17, 2021
pgrzesik
pgrzesik approved these changes Dec 17, 2021
View reviewed changes
Copy link
Contributor

@pgrzesik pgrzesik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @varun73 🙇

@pgrzesik pgrzesik changed the title fix(Plugins): Upgrade log4j to version 2.16.0 fix(Templates): Upgrade log4j in aws-kotlin-jvm-gradle Dec 17, 2021
@pgrzesik pgrzesik merged commit 7bf8f1b into serverless:master Dec 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pgrzesik pgrzesik pgrzesik approved these changes

Assignees
No one assigned
Labels
cat/security cat/template runtime/java
Projects
None yet
Milestone
No milestone
2 participants
@varun73 @pgrzesik