From 61c5976aee89f83fbbc181c4388c8360e8b35da0 Mon Sep 17 00:00:00 2001
From: Jason Tedor <jason@tedor.me>
Date: Sun, 9 Apr 2017 07:19:16 -0400
Subject: [PATCH] Upgrade to Log4j 2.8.2

This commit upgrades the Log4j dependencies from version 2.7 to version
2.8.2. This release includes a fix for a case where Log4j could lose
exceptions in the presence of a security manager.

Relates #23995
---
 buildSrc/version.properties                | 2 +-
 core/build.gradle                          | 2 ++
 core/licenses/log4j-1.2-api-2.7.jar.sha1   | 1 -
 core/licenses/log4j-1.2-api-2.8.2.jar.sha1 | 1 +
 core/licenses/log4j-api-2.7.jar.sha1       | 1 -
 core/licenses/log4j-api-2.8.2.jar.sha1     | 1 +
 core/licenses/log4j-core-2.7.jar.sha1      | 1 -
 core/licenses/log4j-core-2.8.2.jar.sha1    | 1 +
 docs/java-api/index.asciidoc               | 8 ++++----
 9 files changed, 10 insertions(+), 8 deletions(-)
 delete mode 100644 core/licenses/log4j-1.2-api-2.7.jar.sha1
 create mode 100644 core/licenses/log4j-1.2-api-2.8.2.jar.sha1
 delete mode 100644 core/licenses/log4j-api-2.7.jar.sha1
 create mode 100644 core/licenses/log4j-api-2.8.2.jar.sha1
 delete mode 100644 core/licenses/log4j-core-2.7.jar.sha1
 create mode 100644 core/licenses/log4j-core-2.8.2.jar.sha1

diff --git a/buildSrc/version.properties b/buildSrc/version.properties
index cea96db283d..a3a1681eb3e 100644
--- a/buildSrc/version.properties
+++ b/buildSrc/version.properties
@@ -8,7 +8,7 @@ jts               = 1.13
 jackson           = 2.8.6
 snakeyaml         = 1.15
 # When updating log4j, please update also docs/java-api/index.asciidoc
-log4j             = 2.7
+log4j             = 2.8.2
 slf4j             = 1.6.2
 jna               = 4.4.0
 
diff --git a/core/build.gradle b/core/build.gradle
index 99da28e2091..8ce1e02ecd4 100644
--- a/core/build.gradle
+++ b/core/build.gradle
@@ -231,9 +231,11 @@ thirdPartyAudit.excludes = [
   'org.apache.commons.compress.utils.IOUtils',
   'org.apache.commons.csv.CSVFormat',
   'org.apache.commons.csv.QuoteMode',
+  'org.apache.kafka.clients.producer.Callback',
   'org.apache.kafka.clients.producer.KafkaProducer',
   'org.apache.kafka.clients.producer.Producer',
   'org.apache.kafka.clients.producer.ProducerRecord',
+  'org.apache.kafka.clients.producer.RecordMetadata',
   'org.codehaus.stax2.XMLStreamWriter2',
   'org.jctools.queues.MessagePassingQueue$Consumer',
   'org.jctools.queues.MpscArrayQueue',
diff --git a/core/licenses/log4j-1.2-api-2.7.jar.sha1 b/core/licenses/log4j-1.2-api-2.7.jar.sha1
deleted file mode 100644
index f3644414148..00000000000
--- a/core/licenses/log4j-1.2-api-2.7.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-39f4e6c2d68d4ef8fd4b0883d165682dedd5be52
\ No newline at end of file
diff --git a/core/licenses/log4j-1.2-api-2.8.2.jar.sha1 b/core/licenses/log4j-1.2-api-2.8.2.jar.sha1
new file mode 100644
index 00000000000..39d09bec717
--- /dev/null
+++ b/core/licenses/log4j-1.2-api-2.8.2.jar.sha1
@@ -0,0 +1 @@
+f1543534b8413aac91fa54d1fff65dfff76818cd
\ No newline at end of file
diff --git a/core/licenses/log4j-api-2.7.jar.sha1 b/core/licenses/log4j-api-2.7.jar.sha1
deleted file mode 100644
index 8f676d9dbdd..00000000000
--- a/core/licenses/log4j-api-2.7.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-8de00e382a817981b737be84cb8def687d392963
\ No newline at end of file
diff --git a/core/licenses/log4j-api-2.8.2.jar.sha1 b/core/licenses/log4j-api-2.8.2.jar.sha1
new file mode 100644
index 00000000000..7c7c1da835c
--- /dev/null
+++ b/core/licenses/log4j-api-2.8.2.jar.sha1
@@ -0,0 +1 @@
+e590eeb783348ce8ddef205b82127f9084d82bf3
\ No newline at end of file
diff --git a/core/licenses/log4j-core-2.7.jar.sha1 b/core/licenses/log4j-core-2.7.jar.sha1
deleted file mode 100644
index 07bb057a984..00000000000
--- a/core/licenses/log4j-core-2.7.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-a3f2b4e64c61a7fc1ed8f1e5ba371933404ed98a
\ No newline at end of file
diff --git a/core/licenses/log4j-core-2.8.2.jar.sha1 b/core/licenses/log4j-core-2.8.2.jar.sha1
new file mode 100644
index 00000000000..4e6c7b4fcc3
--- /dev/null
+++ b/core/licenses/log4j-core-2.8.2.jar.sha1
@@ -0,0 +1 @@
+979fc0cf8460302e4ffbfe38c1b66a99450b0bb7
\ No newline at end of file
diff --git a/docs/java-api/index.asciidoc b/docs/java-api/index.asciidoc
index 43fc1cacf2d..792404c4149 100644
--- a/docs/java-api/index.asciidoc
+++ b/docs/java-api/index.asciidoc
@@ -44,12 +44,12 @@ You need to also include Log4j 2 dependencies:
 <dependency>
     <groupId>org.apache.logging.log4j</groupId>
     <artifactId>log4j-api</artifactId>
-    <version>2.7</version>
+    <version>2.8.2</version>
 </dependency>
 <dependency>
     <groupId>org.apache.logging.log4j</groupId>
     <artifactId>log4j-core</artifactId>
-    <version>2.7</version>
+    <version>2.8.2</version>
 </dependency>
 --------------------------------------------------
 
@@ -77,12 +77,12 @@ If you want to use another logger than Log4j 2, you can use http://www.slf4j.org
 <dependency>
     <groupId>org.apache.logging.log4j</groupId>
     <artifactId>log4j-to-slf4j</artifactId>
-    <version>2.7</version>
+    <version>2.8.2</version>
 </dependency>
 <dependency>
     <groupId>org.slf4j</groupId>
     <artifactId>slf4j-api</artifactId>
-    <version>1.7.21</version>
+    <version>1.7.24</version>
 </dependency>
 --------------------------------------------------