From cf6c2e8ac2076439fd5d3bd64587658e123c0428 Mon Sep 17 00:00:00 2001
From: niamhcore <niamh.core@est.tech>
Date: Wed, 15 Dec 2021 13:05:08 +0000
Subject: [PATCH] Update log4j version due to security vulnerability for CPS

This change excludes old log4j libraries and includes newer versions
that are not tagged with a security vulnerability.

Issue-ID: CPS-820
Signed-off-by: niamhcore <niamh.core@est.tech>
Change-Id: I4b5a950b7f9abafa3a3fe56200ad577ed01d9934
---
 cps-dependencies/pom.xml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cps-dependencies/pom.xml b/cps-dependencies/pom.xml
index 0753a5fb1..0b45a7c1d 100755
--- a/cps-dependencies/pom.xml
+++ b/cps-dependencies/pom.xml
@@ -173,6 +173,16 @@
                 <version>0.18.0</version>
                 <scope>test</scope>
             </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>2.16.0</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-to-slf4j</artifactId>
+                <version>2.16.0</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 </project>
-- 
2.16.6