We have released two versions (2.1.1 and 2.1.2) of the Snowplow S3 Loader, upgrading dependencies to address the recently identified Log4j 2 vulnerability (CVE-2021-44228).
Changelog
v2.1.1
Exclude transitive dependencies of hadoop (#243)
Bump commons-collections to 3.2.2 (#242)
Bump elephant-bird-core to 4.17 (#241)
Remove log4j (#240)
v2.1.2
Bump amazon-kinesis-client to 1.14.5 (#245)
Updating
2.1.1 and 2.1.2 images can be pulled from Docker Hub. jar files are available on Github: Releases ยท snowplow/snowplow-s3-loader ยท GitHub