Update log4j version due to security vulnerability for CPS

[cps.git] / cps-dependencies / pom.xml

diff --git a/cps-dependencies/pom.xml b/cps-dependencies/pom.xml
index 348244d..0b45a7c 100755 (executable)
--- a/cps-dependencies/pom.xml
+++ b/cps-dependencies/pom.xml
@@ -23,7 +23,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.onap.cps</groupId>
     <artifactId>cps-dependencies</artifactId>
-    <version>2.0.1-SNAPSHOT</version>
+    <version>2.1.0-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <name>${project.groupId}:${project.artifactId}</name>
@@ -64,7 +64,7 @@
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>2.5.0</version>
+                <version>2.5.5</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -137,6 +137,11 @@
                 <artifactId>modelmapper</artifactId>
                 <version>2.3.8</version>
             </dependency>
+            <dependency>
+                <groupId>org.jetbrains</groupId>
+                <artifactId>annotations</artifactId>
+                <version>22.0.0</version>
+            </dependency>
             <dependency>
                 <groupId>org.testcontainers</groupId>
                 <artifactId>kafka</artifactId>
@@ -168,6 +173,16 @@
                 <version>0.18.0</version>
                 <scope>test</scope>
             </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>2.16.0</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-to-slf4j</artifactId>
+                <version>2.16.0</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 </project>