Merge pull request #545 from WeBankFinTech/feature-2.4.1-log4j-vulnerability

maxwong · web-flow · commit 59569bfc0958 · 2021-12-10T16:28:50.000+08:00
1. Fixes log4j2 vulunerbilities. Bumping versions from 2.13.3 to 2.15.0.
diff --git a/BUILD_INFO b/BUILD_INFO
@@ -1 +1 @@
-eggroll.version=2.4.0
+eggroll.version=2.4.1
diff --git a/jvm/pom.xml b/jvm/pom.xml
@@ -201,7 +201,7 @@
   <modelVersion>4.0.0</modelVersion>
 
   <properties>
-    <eggroll.version>2.4.0</eggroll.version>
+    <eggroll.version>2.4.1</eggroll.version>
 
     <!-- Languages -->
     <code.cache.size>512m</code.cache.size>
@@ -224,7 +224,7 @@
     <junit4.version>4.13.2</junit4.version>
     <junit.jupiter.version>5.5.1</junit.jupiter.version>
     <junit.platform.version>1.5.1</junit.platform.version>
-    <log4j2.version>2.13.3</log4j2.version>
+    <log4j2.version>2.15.0</log4j2.version>
     <netty.version>4.1.27.Final</netty.version>
     <protobuf.version>3.6.1</protobuf.version>
     <rocksdb.version>6.8.1</rocksdb.version>
diff --git a/python/eggroll/__init__.py b/python/eggroll/__init__.py
@@ -14,4 +14,4 @@
 #  limitations under the License.
 #
 
-__version__ = "2.4.0"
+__version__ = "2.4.1"

Original file line number	Diff line number	Diff line change
`@@ -14,4 +14,4 @@`
`14`	`14`	`# limitations under the License.`
`15`	`15`	`#`
`16`	`16`
`17`		`-__version__ = "2.4.0"`
	`17`	`+__version__ = "2.4.1"`