Skip to content

Commit

Permalink
Update bazel-common version to update log4j dependency to 2.15.0 (CVE…
Browse files Browse the repository at this point in the history
…-2021-44228).

Note that Flogger's log4j2 backend was likely not actually vulnerable to this because Flogger handled all message formatting before passing the message to log4j as a `SimpleMessage`.

RELNOTES=Updated log4j2 backend's log4j dependency to 2.15.0 (CVE-2021-44228). Note that Flogger's log4j2 backend was likely not actually vulnerable to this because Flogger handled all message formatting before passing the message to log4j as a `SimpleMessage`.
PiperOrigin-RevId: 415732690
  • Loading branch information
cgdecker authored and Flogger Team committed Dec 11, 2021
1 parent f1464c1 commit a573072
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions WORKSPACE
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
# https://travis-ci.org/github/google/flogger/builds
http_archive(
name = "google_bazel_common",
sha256 = "d8aa0ef609248c2a494d5dbdd4c89ef2a527a97c5a87687e5a218eb0b77ff640",
strip_prefix = "bazel-common-4a8d451e57fb7e1efecbf9495587a10684a19eb2",
urls = ["https://github.com/google/bazel-common/archive/4a8d451e57fb7e1efecbf9495587a10684a19eb2.zip"],
sha256 = "e2abb500551aa55407c203220d99bff605f313525cd90fdecd04c71e5e9bc5c7",
strip_prefix = "bazel-common-1e9fcb136b314953a03eb2321d9a486b965fa7b9",
urls = ["https://github.com/google/bazel-common/archive/1e9fcb136b314953a03eb2321d9a486b965fa7b9.zip"],
)

load("@google_bazel_common//:workspace_defs.bzl", "google_common_workspace_rules")
Expand Down

0 comments on commit a573072

Please sign in to comment.