aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorliamfallon <liam.fallon@est.tech>2021-12-14 16:09:06 +0000
committerliamfallon <liam.fallon@est.tech>2021-12-14 16:09:10 +0000
commit0f2a5c43bea5be54400dc35e78ab559d1e926416 (patch)
treef767fa9aad72491b96399f9624d3c708cf7b0eaa
parenta14dffcc6b97a6b8a11fceb2f781665346dcd2eb (diff)
Update log4j version due to security vulnerability
This change excludes old log4j libraries and includes newer versions that are not tagged with a security vulnerability. Issue-ID: POLICY-3862 Change-Id: I92dea9bef6d207db92caa6eb0bc20f863c93b1be Signed-off-by: liamfallon <liam.fallon@est.tech>
-rw-r--r--integration/pom.xml24
1 files changed, 21 insertions, 3 deletions
diff --git a/integration/pom.xml b/integration/pom.xml
index 6b4a5d6f..14e234d4 100644
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -37,7 +37,7 @@
<properties>
<java.version>11</java.version>
<!-- NOTE: For RELEASE/SNAPSHOT always set to the project version -->
- <version.parent.resources>3.5.0</version.parent.resources>
+ <version.parent.resources>3.5.1-SNAPSHOT</version.parent.resources>
<version.logback>1.2.3</version.logback>
<version.dmaap>1.1.12</version.dmaap>
<version.powermock>2.0.9</version.powermock>
@@ -52,7 +52,7 @@
<version.netty>4.1.67.Final</version.netty>
<version.springboot>2.5.0</version.springboot>
<version.eelf.core>1.0.0</version.eelf.core>
- <version.camel>3.7.3</version.camel>
+ <version.camel>3.13.0</version.camel>
<version.tomcat>9.0.45</version.tomcat>
<version.mockserver>5.11.2</version.mockserver>
<version.immutable>2.8.8</version.immutable>
@@ -342,6 +342,14 @@
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-api</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-to-slf4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -349,6 +357,16 @@
<artifactId>json-smart</artifactId>
<version>2.4.7</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-api</artifactId>
+ <version>2.16.0</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-to-slf4j</artifactId>
+ <version>2.16.0</version>
+ </dependency>
<!-- AAF Client -->
<dependency>
@@ -1284,4 +1302,4 @@
</plugin>
</plugins>
</build>
-</project> \ No newline at end of file
+</project>