1.9.1 - upgrade log4j api & logback
Upgrade for security reasons log4j & logback.
- As only log4j api is used it's not affected by the log4shell. Various scanners (e.g. trivy) still mark log4j-api as vulnerabile even it it's not the case.
- logback has also a vulnerability which not affects vault-crd as scan=true must be set but to be also safe upgrade for it.