From d3eb1114dc150ee2943ee089b35db1a63bb38219 Mon Sep 17 00:00:00 2001
From: dugujiujiang <2563829168@qq.com>
Date: Wed, 13 Aug 2025 07:30:43 +0800
Subject: [PATCH] BIGTOP-4011. CVE-2022-23307: Apache Log4j security
vulnerabilities.
---
bigtop-tests/test-execution/conf/pom.xml | 16 ++++++++++++++--
pom.xml | 19 +++++++++++++++----
2 files changed, 29 insertions(+), 6 deletions(-)
diff --git a/bigtop-tests/test-execution/conf/pom.xml b/bigtop-tests/test-execution/conf/pom.xml
index 6f3f3eb4a4..0fafb33cc7 100644
--- a/bigtop-tests/test-execution/conf/pom.xml
+++ b/bigtop-tests/test-execution/conf/pom.xml
@@ -32,8 +32,20 @@
- log4j
- log4j
+ org.apache.logging.log4j
+ log4j-api
+
+
+ org.apache.logging.log4j
+ log4j-core
+
+
+ org.apache.logging.log4j
+ log4j-1.2-api
+
+
+ org.apache.logging.log4j
+ log4j-slf4j-impl
diff --git a/pom.xml b/pom.xml
index 4a79ac6515..bb448c9740 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,7 +60,7 @@
1.1
4.11
1.6.6
- 1.2.14
+ 2.17.1
3.4
2.5.0
@@ -114,9 +114,20 @@
${slf4j.version}
- log4j
- log4j
- 1.2.14
+ org.apache.logging.log4j
+ log4j-api
+
+
+ org.apache.logging.log4j
+ log4j-core
+
+
+ org.apache.logging.log4j
+ log4j-1.2-api
+
+
+ org.apache.logging.log4j
+ log4j-slf4j-impl
org.antlr