Bump version.log4j from 2.12.4 to 2.22.0

Bumps `version.log4j` from 2.12.4 to 2.22.0. Updates `org.apache.logging.log4j:log4j-core` from 2.12.4 to 2.22.0 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.12.4 to 2.22.0 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
elastic · Dec 4, 2023 · ed7356a · ed7356a
1 parent f298531
commit ed7356a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pom.xml b/pom.xml
@@ -125,7 +125,7 @@
         <!-- this is the last version of log4j that is compatible with Java 7. Due to a known vulnerability
         (https://nvd.nist.gov/vuln/detail/CVE-2020-9488#vulnCurrentDescriptionTitle), the SMTP appender is
          excluded from the build and not packaged into the agent artifacts -->
-        <version.log4j>2.12.4</version.log4j>
+        <version.log4j>2.22.0</version.log4j>
         <version.ecs.logging>1.5.0</version.ecs.logging>
         <version.spring>5.0.15.RELEASE</version.spring>
         <version.jetty-server>9.4.11.v20180605</version.jetty-server>