Bug 2044257

Summary: Bump snmp4j library version to remove dependency on log4j
Product: Red Hat Enterprise Virtualization Manager Reporter: Martin Perina <mperina>
Component: snmp4jAssignee: Martin Perina <mperina>
Status: CLOSED ERRATA QA Contact: Pavol Brilla <pbrilla>
Severity: high Docs Contact:
Priority: high    
Version: 4.4.9CC: apinnick, emarcus, gdeolive, michal.skrivanek, mkalinin, mtessun, pelauter, sbonazzo, snikolov
Target Milestone: ovirt-4.4.10-1Keywords: Rebase
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-engine-4.4.10.6, snmp4j-3.6.4 Doc Type: Release Note
Doc Text:
In this release, Red Hat Virtualization 4.4.10 requires snmp4j version 3.6.4 or later, which no longer depends on the log4j library.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-02-08 16:57:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2033534, 2042344    

Description Martin Perina 2022-01-24 10:32:14 UTC 
The dependency on log4j has been removed from snmp4j library in version 3.0.0:

https://www.snmp4j.org/CHANGES.txt

RHV 4.4 is currently using snmp4j 2.5.3, so we will need to bump to snmp4j >= 3.0.0
Comment 6 errata-xmlrpc 2022-02-08 16:57:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1]), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0475