Skip to content
This repository was archived by the owner on Jan 21, 2025. It is now read-only.

Bumps logback 1.2.3 -> 1.2.8 #37

Merged
merged 1 commit into from
Dec 15, 2021
Merged

Bumps logback 1.2.3 -> 1.2.8 #37

merged 1 commit into from
Dec 15, 2021

Conversation

caesar-ralf
Copy link
Contributor

Logback also can be affected by the exploit that log4j2 has been.

Although very unlikely as to exploit logback you need extra steps
(namely write access to logback.xml and being able to restart
the application), it's better be safe than sorry.

More info at logback news:
http://logback.qos.ch/news.html

@caesar-ralf
Bumps logback 1.2.3 -> 1.2.8
ce9bae5 
Logback also can be affected by the exploit that log4j2 has been.

Although very unlikely as to exploit logback you need extra steps
(namely write access to logback.xml and being able to restart
the application), it's better be safe than sorry.

More info at logback news:
http://logback.qos.ch/news.html
@danielnorberg danielnorberg merged commit 6099865 into spotify:master Dec 15, 2021
@danielnorberg
Copy link
Contributor

@caesar-ralf seems to be some issue with permissions. Circleci fails to check out master. Do you have time to investigate?

@caesar-ralf caesar-ralf deleted the patch-1 branch December 15, 2021 13:44
@caesar-ralf
Copy link
Contributor Author

@caesar-ralf seems to be some issue with permissions. Circleci fails to check out master. Do you have time to investigate?

yep, going to take a look

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@caesar-ralf @danielnorberg