diff options
| author |   Dan Timoney <dtimoney@att.com> | 2022-01-03 13:23:53 -0500 |
|---|---|---|
| committer | Dan Timoney <dtimoney@att.com> | 2022-01-03 13:23:53 -0500 |
| commit | 4bb4fd75b60072feb9764e1702748e50944ea499 (patch) | |
| tree | 1199ed8f04d2cca850461400cf3fddc572eecbd7 | |
| parent | 3006f3a36ff67a0dfb4e50577be48883c80eeab6 (diff) | |
Upgrade to log4j2 2.17.1
Update to use version 2.17.1 to resolve log4shell vulnerability
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I5e9c6f211df52eb7db27b1479bb295d473c0dded
5 files changed, 18 insertions, 9 deletions
diff --git a/opendaylight/silicon/silicon-alpine/pom.xml b/opendaylight/silicon/silicon-alpine/pom.xml index 029bc829..d8111fcf 100644 --- a/opendaylight/silicon/silicon-alpine/pom.xml +++ b/opendaylight/silicon/silicon-alpine/pom.xml @@ -23,7 +23,7 @@ <odl.shiro.version>0.13.5</odl.shiro.version> <odl.ops4j.version>7.3.16</odl.ops4j.version> <odl.pax.logging.version>2.0.9</odl.pax.logging.version> - <patch.pax.logging.version>2.0.12</patch.pax.logging.version> + <patch.pax.logging.version>2.0.14</patch.pax.logging.version> <odl.karaf.framework.version>4.3.2</odl.karaf.framework.version> <odl.netconf.version>1.13.4</odl.netconf.version> </properties> @@ -125,6 +125,14 @@ </artifactItem> <artifactItem> <groupId>org.ops4j.pax.logging</groupId> + <artifactId>pax-logging-logback</artifactId> + <version>${patch.pax.logging.version}</version> + <outputDirectory>${project.build.directory}/docker-stage/system/org/ops4j/pax/logging/pax-logging-logback/${patch.pax.logging.version}</outputDirectory> + <destFileName>pax-logging-logback-${patch.pax.logging.version}.jar</destFileName> + <excludes>*</excludes> + </artifactItem> + <artifactItem> + <groupId>org.ops4j.pax.logging</groupId> <artifactId>pax-logging-api</artifactId> <version>${patch.pax.logging.version}</version> <outputDirectory>${project.build.directory}/docker-stage/system/org/ops4j/pax/logging/pax-logging-api/${patch.pax.logging.version}</outputDirectory> @@ -185,7 +193,7 @@ <include>framework-${odl.karaf.framework.version}-features.xml</include> <include>startup.properties</include> </includes> - <filtering>false</filtering> + <filtering>true</filtering> </resource> </resources> </configuration> diff --git a/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile b/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile index b5b3c6da..19cd55f6 100644 --- a/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile +++ b/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile @@ -32,6 +32,7 @@ COPY system $ODL_HOME/system COPY framework-${odl.karaf.framework.version}-features.xml $ODL_HOME/system/org/apache/karaf/features/framework/${odl.karaf.framework.version}/framework-${odl.karaf.framework.version}-features.xml COPY startup.properties $ODL_HOME/etc/startup.properties RUN rm -rf $ODL_HOME/system/org/ops4j/pax/logging/pax-logging-log4j2/${odl.pax.logging.version} +RUN rm -rf $ODL_HOME/system/org/ops4j/pax/logging/pax-logging-logback/${odl.pax.logging.version} RUN rm -rf $ODL_HOME/system/org/ops4j/pax/logging/pax-logging-api/${odl.pax.logging.version} # Changing ownership and permission of /opt diff --git a/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml b/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml index 1f283cb1..52bc1d40 100755 --- a/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml +++ b/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml @@ -27,8 +27,8 @@ <!-- mvn: url handlers --> <bundle start-level="5">mvn:org.ops4j.pax.url/pax-url-aether/2.6.7</bundle> <!-- logging --> - <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/2.0.12</bundle> - <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-log4j2/2.0.12</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/${patch.pax.logging.version}</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-log4j2/${patch.pax.logging.version}</bundle> <bundle start-level="8">mvn:org.fusesource.jansi/jansi/1.18</bundle> <!-- config admin --> <bundle start-level="9">mvn:org.osgi/org.osgi.util.function/1.1.0</bundle> @@ -53,8 +53,8 @@ <!-- mvn: url handlers --> <bundle start-level="5">mvn:org.ops4j.pax.url/pax-url-aether/2.6.7</bundle> <!-- logging --> - <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/2.0.9</bundle> - <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-logback/2.0.9</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/${patch.pax.logging.version}</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-logback/${patch.pax.logging.version}</bundle> <!-- config admin --> <bundle start-level="9">mvn:org.osgi/org.osgi.util.function/1.1.0</bundle> <bundle start-level="9">mvn:org.osgi/org.osgi.util.promise/1.1.1</bundle> diff --git a/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties b/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties index 59ab975e..40baf708 100755 --- a/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties +++ b/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties @@ -1,8 +1,8 @@ # Bundles to be started on startup, with startlevel mvn\:org.apache.karaf.features/org.apache.karaf.features.extension/4.3.2 = 1 mvn\:org.ops4j.pax.url/pax-url-aether/2.6.7 = 5 -mvn\:org.ops4j.pax.logging/pax-logging-api/2.0.12 = 8 -mvn\:org.ops4j.pax.logging/pax-logging-log4j2/2.0.12 = 8 +mvn\:org.ops4j.pax.logging/pax-logging-api/${patch.pax.logging.version} = 8 +mvn\:org.ops4j.pax.logging/pax-logging-log4j2/${patch.pax.logging.version} = 8 mvn\:org.fusesource.jansi/jansi/1.18 = 8 mvn\:org.osgi/org.osgi.util.promise/1.1.1 = 9 mvn\:org.apache.felix/org.apache.felix.coordinator/1.0.2 = 9 @@ -5,7 +5,7 @@ <parent> <groupId>org.onap.ccsdk.parent</groupId> <artifactId>oparent</artifactId> - <version>2.3.1</version> + <version>2.3.2</version> </parent> <groupId>org.onap.ccsdk.distribution</groupId> |