[OOM-CERT-SERVICE]Fix Apache log4j2 vulnerability2.5.0

- Top up spring-boot to 2.5.8
- Top up Apache log4j2 to 2.17.1
- Top up spring-boot-starter-log4j2 to 2.6.2
- Add miising validator bean

Issue-ID: OOM-2903
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: I816c59e39344bb1fcc2833bcbd58af7fc1c30d78

2 files changed, 61 insertions, 3 deletions

diff --git a/certService/pom.xml b/certService/pom.xml
index 7f559469..13fed005 100644
--- a/certService/pom.xml
+++ b/certService/pom.xml
@@ -32,8 +32,24 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-log4j2</artifactId>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-slf4j-impl</artifactId>
+            <version>${log4j2.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-api</artifactId>
+            <version>${log4j2.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-core</artifactId>
+            <version>${log4j2.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-jul</artifactId>
+            <version>${log4j2.version}</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -78,7 +94,14 @@
         <dependency>
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-config</artifactId>
-            <version>${spring-cloud-starter-config.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-bootstrap</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate.validator</groupId>
+            <artifactId>hibernate-validator</artifactId>
         </dependency>
     </dependencies>
 
diff --git a/certService/src/main/java/org/onap/oom/certservice/certification/configuration/validation/ValidatorConfiguration.java b/certService/src/main/java/org/onap/oom/certservice/certification/configuration/validation/ValidatorConfiguration.java
new file mode 100644
index 00000000..952e59f2
--- /dev/null
+++ b/certService/src/main/java/org/onap/oom/certservice/certification/configuration/validation/ValidatorConfiguration.java
@@ -0,0 +1,35 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-api
+ * ================================================================================
+ * Copyright (C) 2021 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+
+package org.onap.oom.certservice.certification.configuration.validation;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
+
+@Configuration
+public class ValidatorConfiguration {
+
+    @Bean
+    public LocalValidatorFactoryBean validator() {
+        return new LocalValidatorFactoryBean();
+    }
+}