diff options
author | Dan Timoney <dtimoney@att.com> | 2022-01-03 16:44:03 -0500 |
---|---|---|
committer | Dan Timoney <dtimoney@att.com> | 2022-01-03 16:44:03 -0500 |
commit | f3f03daaa608a0db54049765f767a275237dbaf0 (patch) | |
tree | 16b70e3f00af7caca2f08ee6d392f3755d6d6afa /springboot/spring-boot-setup/src/main/resources/pom-template.xml | |
parent | ab5bfc93c00d7e16e54730374e9fec84d91e0c16 (diff) |
Upgrade to log4j2 2.17.1
Update to use version 2.17.1 to resolve log4shell vulnerability
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I26727d116f066f4041e374d06b894223a86c96a4
Diffstat (limited to 'springboot/spring-boot-setup/src/main/resources/pom-template.xml')
-rw-r--r-- | springboot/spring-boot-setup/src/main/resources/pom-template.xml | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/springboot/spring-boot-setup/src/main/resources/pom-template.xml b/springboot/spring-boot-setup/src/main/resources/pom-template.xml index 7104d384..d094231f 100644 --- a/springboot/spring-boot-setup/src/main/resources/pom-template.xml +++ b/springboot/spring-boot-setup/src/main/resources/pom-template.xml @@ -124,8 +124,8 @@ <derby.version>10.14.2.0</derby.version> <eelf.version>1.0.0</eelf.version> <grpc.version>1.25.0</grpc.version> - <log4j.version>2.16.0</log4j.version> - <log4j2.version>2.16.0</log4j2.version> + <log4j.version>2.17.1</log4j.version> + <log4j2.version>2.17.1</log4j2.version> <netty-ssl>${springboot.netty.ssl.version}</netty-ssl> <protobuff.java.version>3.10.0</protobuff.java.version> <protobuff.java.utils.version>3.10.0</protobuff.java.utils.version> @@ -202,7 +202,18 @@ <groupId>org.liquibase</groupId> <artifactId>liquibase-core</artifactId> <version>4.4.2-nordix</version> - </dependency> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> + <version>${log4j2.version}</version> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <version>${log4j2.version}</version> + </dependency> + </dependencies> </dependencyManagement> |