From 886cdc09c2656e074661f343192c750247848010 Mon Sep 17 00:00:00 2001
From: ChrisC <christophe.closset@intl.att.com>
Date: Fri, 30 Apr 2021 13:27:30 +0200
Subject: Vulnerable packages update

Exclude log4j 1.2.17 from being pulled

Issue-ID: SDC-3572
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I3fd25ddcd5f8e2089beed2d66bff82c2a3d65f48
---
 security-util-lib/pom.xml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/security-util-lib/pom.xml b/security-util-lib/pom.xml
index 020e7c1..a4eb3a7 100644
--- a/security-util-lib/pom.xml
+++ b/security-util-lib/pom.xml
@@ -69,6 +69,10 @@
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-simple</artifactId>
                </exclusion>
+               <exclusion>
+                   <groupId>log4j</groupId>
+                   <artifactId>log4j</artifactId>
+               </exclusion>
            </exclusions>
        </dependency>
 
-- 
cgit 1.2.3-korg