Merge pull request #1 from atlasgurus/issue-10337-log4j-security-CVE-2021-44228

atlasgurus · web-flow · commit 09d2ff29feed · 2021-12-14T18:53:48.000-08:00
fix(issue-10337): Upgrade log4j to version 2.15.0 to address critical…
diff --git a/lib/plugins/create/templates/aws-java-maven/pom.xml b/lib/plugins/create/templates/aws-java-maven/pom.xml
@@ -22,12 +22,12 @@
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
-      <version>2.8.2</version>
+      <version>2.16.0</version>
     </dependency>
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-api</artifactId>
-      <version>2.8.2</version>
+      <version>2.16.0</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
diff --git a/lib/plugins/create/templates/aws-kotlin-jvm-maven/pom.xml b/lib/plugins/create/templates/aws-kotlin-jvm-maven/pom.xml
@@ -46,12 +46,12 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
-            <version>2.11.1</version>
+            <version>2.16.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-api</artifactId>
-            <version>2.11.1</version>
+            <version>2.16.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
