From: liamfallon <liam.fallon@est.tech>
Date: Wed, 5 Jan 2022 12:49:37 +0000 (+0000)
Subject: Update log4j version due to security vulnerability
X-Git-Tag: 3.4.4~5
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F76%2F126476%2F1;p=policy%2Fparent.git

Update log4j version due to security vulnerability

SECCOM has recommended going to log4j 2.17.1.

Issue-ID: POLICY-3862
Change-Id: I486d89bc467f92c4ac8f43b57b3829aa459fc550
Signed-off-by: liamfallon <liam.fallon@est.tech>
---

diff --git a/integration/pom.xml b/integration/pom.xml
index 6053e61a..a02a3ea5 100644
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -2,7 +2,7 @@
   ============LICENSE_START=======================================================
    Copyright (C) 2018 Ericsson. All rights reserved.
    Modifications Copyright (C) 2018-2021 AT&T. All rights reserved.
-   Modifications Copyright (C) 2019-2021 Nordix Foundation.
+   Modifications Copyright (C) 2019-2022 Nordix Foundation.
    Modifications Copyright (C) 2020-2021 Bell Canada.
   ================================================================================
   Licensed under the Apache License, Version 2.0 (the "License");
@@ -342,7 +342,7 @@
             <dependency>
                 <groupId>org.apache.logging.log4j</groupId>
                 <artifactId>log4j-api</artifactId>
-                <version>2.16.0</version>
+                <version>2.17.1</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.logging.log4j</groupId>