Install latest CU, see
https://learn.microsoft.com/en-US/troubleshoot/sql/releases/sqlserver-2019/cumulativeupdate16
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi Team,
Background:
We now have installed Microsoft SQL Server 2019 Express locally. After installation, we found that it automatically uses the Log4j 1.2.17 version jar package. (As shown in the picture.)
Since the jar package of Log4j version 1.2.17 has security issues, we now want to upgrade this jar package to 2.16.0 version.
Question:
If we directly replace the local Log4j 1.2.17.jar package with the Log4j 2.16.0 version jar package, will it affect the existing data in SQL Server? Or are there any risks?
It would be a big help if you could answer me as soon as possible.
Thanks,
Liu shi
Hi Shi Liu,
Microsoft released CU16 that includes this log4j resolution.
Best Regards,
Mikey Qiao
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.