You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jdo-commits@db.apache.org by mb...@apache.org on 2021/12/18 23:52:11 UTC
[db-jdo] branch 3.2 updated: JDO-800: update Log4j version to 2.17.0 because of CVE-2021-45105
This is an automated email from the ASF dual-hosted git repository.
mbo pushed a commit to branch 3.2
in repository https://gitbox.apache.org/repos/asf/db-jdo.git
The following commit(s) were added to refs/heads/3.2 by this push:
new 2ec7bf2 JDO-800: update Log4j version to 2.17.0 because of CVE-2021-45105
2ec7bf2 is described below
commit 2ec7bf2a9971f9f08099b44c65cfcbbb9a850527
Author: Michael Bouschen <mb...@apache.org>
AuthorDate: Sun Dec 19 00:52:01 2021 +0100
JDO-800: update Log4j version to 2.17.0 because of CVE-2021-45105
---
tck/pom.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tck/pom.xml b/tck/pom.xml
index c6ded4e..9a44d76 100644
--- a/tck/pom.xml
+++ b/tck/pom.xml
@@ -218,17 +218,17 @@
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
- <version>2.16.0</version>
+ <version>2.17.0</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
- <version>2.16.0</version>
+ <version>2.17.0</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-jcl</artifactId>
- <version>2.16.0</version>
+ <version>2.17.0</version>
</dependency>
<dependency>
<!-- License: CDDL + GPLv2 with classpath exception https://github.com/javaee/javax.annotation/blob/master/LICENSE -->