Remediation for Log4Shell vulnerabilityistanbul

Upgrade log4j to 2.17.1 Change-Id: I2055d1cc77f0b2008e4c22624a5e4cefeefccc13 Signed-off-by: vv770d <vv770d@att.com> Issue-ID: DCAEGEN2-3022 (cherry picked from commit 7a280a2cce33aeca65174d63edd40a44167ab8bc) Signed-off-by: vv770d <vv770d@att.com>
author: vv770d <vv770d@att.com> 2022-01-18 22:47:26 +0000
committer: vv770d <vv770d@att.com> 2022-01-20 14:33:18 +0000
commit: 48588d8af6a3ceb2f4287e75506479cf497bb1e0 (patch)
tree: 6ce1995ab80dcf95524bdbee092157de43e007f5
parent: 5a29d969b313211ab632a824f776680d2eafd0b2 (diff)
3 files changed, 20 insertions, 17 deletions
diff --git a/Changelog.md b/Changelog.md
index c8997400..8933f113 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,8 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [1.10.3] - 2022/01/18
+         - [DCAEGEN2-3022] - Remediation for Log4Shell vulnerability (upgrade to 2.17.1)
+
 ## [1.10.2] - 2021/12/14
-         - [DCAEGEN2-3022] - Remediation for Log4Shell vulnerability
+         - [DCAEGEN2-3022] - Remediation for Log4Shell vulnerability (upgrade to 2.16.0)
 
 ## [1.10.1] - 2021/08/31
          -  [DCAEGEN2-1483](https://jira.onap.org/browse/DCAEGEN2-2719) - CBS-Client supporting configMap
diff --git a/pom.xml b/pom.xml
index acfb8183..2e5cc57c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,17 +1,17 @@
 <?xml version="1.0"?>
 <!--
-    ================================================================================
-	Copyright (c) 2017-2019,2021 AT&T Intellectual Property. All rights reserved.
-	Copyright (c) 2020-2021 Nokia. All rights reserved.
-	================================================================================
-	Licensed under the Apache License, Version 2.0 (the "License"); you may not
-	use this file except in compliance with the License. You may obtain a copy
-	of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
-	by applicable law or agreed to in writing, software distributed under the
-	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
-	OF ANY KIND, either express or implied. See the License for the specific
-	language governing permissions and limitations under the License.
-	============LICENSE_END=========================================================
+  ============LICENSE_START=======================================================
+  Copyright (c) 2017-2019,2021 AT&T Intellectual Property. All rights reserved.
+  Copyright (c) 2020-2022 Nokia. All rights reserved.
+  ================================================================================
+  Licensed under the Apache License, Version 2.0 (the "License"); you may not
+  use this file except in compliance with the License. You may obtain a copy
+  of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
+  by applicable law or agreed to in writing, software distributed under the
+  License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+  OF ANY KIND, either express or implied. See the License for the specific
+  language governing permissions and limitations under the License.
+  ============LICENSE_END=========================================================
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
@@ -24,7 +24,7 @@
   </parent>
   <groupId>org.onap.dcaegen2.collectors.ves</groupId>
   <artifactId>VESCollector</artifactId>
-  <version>1.10.2-SNAPSHOT</version>
+  <version>1.10.3-SNAPSHOT</version>
   <name>dcaegen2-collectors-ves</name>
   <description>VESCollector</description>
   <properties>
@@ -47,7 +47,7 @@
     <maven.compiler.target>${java.version}</maven.compiler.target>
     <maven.compiler.source>${java.version}</maven.compiler.source>
     <sonar.coverage.jacoco.xmlReportPaths>
-	${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml
+       ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml
     </sonar.coverage.jacoco.xmlReportPaths>
     <!-- DEPENDENCY RELATED SETTINGS -->
     <micrometer.version>1.6.5</micrometer.version>
@@ -66,7 +66,7 @@
     <commons-configuration.version>1.10</commons-configuration.version>
     <vavr.version>0.10.3</vavr.version>
     <spring-boot-starter-log4j2.version>2.6.1</spring-boot-starter-log4j2.version>
-    <log4j.version>2.16.0</log4j.version>
+    <log4j.version>2.17.1</log4j.version>
     <springfox-swagger2.version>3.0.0</springfox-swagger2.version>
     <assertj-core.version>3.19.0</assertj-core.version>
     <spring-boot-starter-test.version>2.2.13.RELEASE</spring-boot-starter-test.version>
diff --git a/version.properties b/version.properties
index 6569402c..35a1494b 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
 major=1
 minor=10
-patch=2
+patch=3
 base_version=${major}.${minor}.${patch}
 release_version=${base_version}
 snapshot_version=${base_version}-SNAPSHOT
author	vv770d <vv770d@att.com>	2022-01-18 22:47:26 +0000
committer	vv770d <vv770d@att.com>	2022-01-20 14:33:18 +0000
commit	48588d8af6a3ceb2f4287e75506479cf497bb1e0 (patch)
tree	6ce1995ab80dcf95524bdbee092157de43e007f5
parent	5a29d969b313211ab632a824f776680d2eafd0b2 (diff)