From ab5bfc93c00d7e16e54730374e9fec84d91e0c16 Mon Sep 17 00:00:00 2001
From: Dan Timoney <dtimoney@att.com>
Date: Thu, 16 Dec 2021 07:33:04 -0500
Subject: Upgrade to log4j 2.16.0

Upgrade to log4j2 2.16.0 to address log4shell vulnerability

Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I0a29a606a27aac7c253ac928440a709cead3c7b7
---
 springboot/spring-boot-setup/src/main/resources/pom-template.xml | 2 ++
 springboot/springboot1/pom.xml                                   | 2 ++
 springboot/springboot2/pom.xml                                   | 2 ++
 springboot/springboot25/pom.xml                                  | 3 +++
 4 files changed, 9 insertions(+)

(limited to 'springboot')

diff --git a/springboot/spring-boot-setup/src/main/resources/pom-template.xml b/springboot/spring-boot-setup/src/main/resources/pom-template.xml
index 84e1689a..7104d384 100644
--- a/springboot/spring-boot-setup/src/main/resources/pom-template.xml
+++ b/springboot/spring-boot-setup/src/main/resources/pom-template.xml
@@ -124,6 +124,8 @@
         <derby.version>10.14.2.0</derby.version>
         <eelf.version>1.0.0</eelf.version>
         <grpc.version>1.25.0</grpc.version>
+        <log4j.version>2.16.0</log4j.version>
+        <log4j2.version>2.16.0</log4j2.version>
         <netty-ssl>${springboot.netty.ssl.version}</netty-ssl>
         <protobuff.java.version>3.10.0</protobuff.java.version>
         <protobuff.java.utils.version>3.10.0</protobuff.java.utils.version>
diff --git a/springboot/springboot1/pom.xml b/springboot/springboot1/pom.xml
index 55f4fba6..773d041e 100644
--- a/springboot/springboot1/pom.xml
+++ b/springboot/springboot1/pom.xml
@@ -124,6 +124,8 @@
         <derby.version>10.14.2.0</derby.version>
         <eelf.version>1.0.0</eelf.version>
         <grpc.version>1.25.0</grpc.version>
+        <log4j.version>2.16.0</log4j.version>
+        <log4j2.version>2.16.0</log4j2.version>
         <netty-ssl>2.0.39.Final</netty-ssl>
         <protobuff.java.version>3.10.0</protobuff.java.version>
         <protobuff.java.utils.version>3.10.0</protobuff.java.utils.version>
diff --git a/springboot/springboot2/pom.xml b/springboot/springboot2/pom.xml
index 24dc6001..290f34b5 100644
--- a/springboot/springboot2/pom.xml
+++ b/springboot/springboot2/pom.xml
@@ -124,6 +124,8 @@
         <derby.version>10.14.2.0</derby.version>
         <eelf.version>1.0.0</eelf.version>
         <grpc.version>1.25.0</grpc.version>
+        <log4j.version>2.16.0</log4j.version>
+        <log4j2.version>2.16.0</log4j2.version>
         <netty-ssl>2.0.39.Final</netty-ssl>
         <protobuff.java.version>3.10.0</protobuff.java.version>
         <protobuff.java.utils.version>3.10.0</protobuff.java.utils.version>
diff --git a/springboot/springboot25/pom.xml b/springboot/springboot25/pom.xml
index edcc47c4..5752dfd6 100644
--- a/springboot/springboot25/pom.xml
+++ b/springboot/springboot25/pom.xml
@@ -128,6 +128,9 @@
         <jersey.client.version>2.33</jersey.client.version>
         <jettison.version>1.3.8</jettison.version>
         <logback.version>1.2.3</logback.version>
+
+        <log4j.version>2.16.0</log4j.version>
+        <log4j2.version>2.16.0</log4j2.version>
         <mariadb.connector.version>2.7.3</mariadb.connector.version>
         <mariadb4j.version>2.4.0</mariadb4j.version>
         <slf4j.version>1.7.32</slf4j.version>
-- 
cgit 1.2.3-korg