From c712c71eba469bde43790ceb14fc8748417e0a29 Mon Sep 17 00:00:00 2001
From: niamhcore <niamh.core@est.tech>
Date: Wed, 15 Dec 2021 11:23:56 +0000
Subject: Update log4j version due to security vulnerability for NCMP-DMI

This change excludes old log4j libraries and includes newer versions
that are not tagged with a security vulnerability.

Issue-ID: CPS-820
Signed-off-by: niamhcore <niamh.core@est.tech>
Change-Id: I2694cdc66449a9634dfe726b39736a8b0ba67e5a
(cherry picked from commit 983510777aead2f8827c5f74fa54193884ef79aa)
---
 pom.xml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pom.xml b/pom.xml
index d3e25b6e..9b258623 100644
--- a/pom.xml
+++ b/pom.xml
@@ -62,6 +62,16 @@
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>2.16.0</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-to-slf4j</artifactId>
+                <version>2.16.0</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
     <dependencies>
-- 
cgit 1.2.3-korg