CVE-2021-44228 Upgrade Log4j2 to 2.15.0

This change integrates a major fix for an exploit in log4j2.
SAP · Dec 12, 2021 · a38a4ca · a38a4ca
1 parent ac8e76d
commit a38a4ca
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/pom.xml b/pom.xml
@@ -169,7 +169,7 @@
         <jackson-jr.version>2.10.1</jackson-jr.version>
         <slf4j.version>1.7.30</slf4j.version>
         <logback.version>1.2.3</logback.version>
-        <log4j2.version>2.13.3</log4j2.version>
+        <log4j2.version>2.15.0</log4j2.version>
         <buildnumber.plugin.version>1.4</buildnumber.plugin.version>
         <source.plugin.version>3.2.1</source.plugin.version>
         <jar.plugin.version>3.1.0</jar.plugin.version>

diff --git a/sample/pom.xml b/sample/pom.xml
@@ -12,7 +12,7 @@
 
     <properties>
         <tomcat.version>8.0.39</tomcat.version>
-        <log4j2.version>2.13.3</log4j2.version>
+        <log4j2.version>2.15.0</log4j2.version>
         <logback.version>1.1.3</logback.version>
         <jackson.version>2.5.4</jackson.version>
         <slf4j.version>1.7.12</slf4j.version>