What's New @ Cloudera
Find the latest Cloudera product news
Announcements
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.

Cloudera Logging is now available in CDP Private Cloud Base 7.1.7 SP1

Cloudera Employee

Cloudera Logging is a new Apache Log4j 1.2.x compatible logging library included with CDP Private Cloud Base 7.1.7 SP1 that is created, distributed, and maintained by Cloudera to address the recent vulnerabilities in Apache Log4j 1.2.x.

While Apache Log4j 2.x is actively maintained by the Apache Software Foundation community, 1.2.x isn't and many Cloudera components rely on Log4j 1.2.x libraries. Because there is limited compatibility between 1.2.x and 2.x, we created Cloudera Logging to provide customers with a more secure, stable, and maintained logging library that's compatible with 1.2.x and includes security fixes from the Log4j and Reload4j communities. To help ensure that Cloudera Logging stays current with the latest community work, Cloudera's product security and compliance teams are monitoring the Log4j and Reload4j communities for new issues and, when identified, work to include fixes in Cloudera Logging as applicable.

 

With CDP Private Cloud Base 7.1.7 SP1, Cloudera Logging includes fixes for CVE-2020-9488, CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, and CVE-2022-23307.

 

Please reach out to your Cloudera account team if you have any questions or would like to upgrade to the latest version of CDP Private Cloud Base 7.1.7 SP1.

 

Additional resources: