Upgrade logback-classic

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Fixed
    • Priority: Unknown
    • 5.2.0
    • Affects Version/s: None
    • Component/s: Build
    • None
    • None
    • Fully Compatible
    • Java Drivers
    • Not Needed
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?
    • None
    • None
    • None
    • None
    • None
    • None

      Although the driver only uses Logback during testing, it's on a very old version that has a CVE reported against it, which is detected by Snyk and probably other static analysis tools. To avoid the appearance of a security vulnerability, we should upgrade to the latest release.

              Assignee:
              Unassigned
              Reporter:
              Jeffrey Yemin
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: