From f3f03daaa608a0db54049765f767a275237dbaf0 Mon Sep 17 00:00:00 2001
From: Dan Timoney <dtimoney@att.com>
Date: Mon, 3 Jan 2022 16:44:03 -0500
Subject: Upgrade to log4j2 2.17.1

Update to use version 2.17.1 to resolve log4shell vulnerability

Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I26727d116f066f4041e374d06b894223a86c96a4
---
 dependencies-bom/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'dependencies-bom/pom.xml')

diff --git a/dependencies-bom/pom.xml b/dependencies-bom/pom.xml
index b82fe7cd..cebfd4fa 100644
--- a/dependencies-bom/pom.xml
+++ b/dependencies-bom/pom.xml
@@ -211,12 +211,12 @@
             <dependency>
                 <groupId>org.apache.logging.log4j</groupId>
                 <artifactId>log4j-slf4j-impl</artifactId>
-                <version>2.11.2</version>
+                <version>2.17.1</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.logging.log4j</groupId>
                 <artifactId>log4j-core</artifactId>
-                <version>2.16.0</version>
+                <version>2.17.1</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.tomcat</groupId>
-- 
cgit 1.2.3-korg