[jOOQ/jOOQ#12733] Update log4j to 2.15.0 because of CVE-2021-44228

2021-12-10 16:08:32 +01:00 · 2021-12-10 16:08:32 +01:00 · d07c1ad2e5
commit d07c1ad2e5
parent b88999c372
12 changed files with 11 additions and 38 deletions
--- a/jOOQ-examples/jOOQ-academy/pom.xml
+++ b/jOOQ-examples/jOOQ-academy/pom.xml
@ -45,7 +45,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- Testing -->
--- a/jOOQ-examples/jOOQ-javaee-example/pom.xml
+++ b/jOOQ-examples/jOOQ-javaee-example/pom.xml
@ -100,7 +100,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- Testing -->
--- a/jOOQ-examples/jOOQ-javafx-example/pom.xml
+++ b/jOOQ-examples/jOOQ-javafx-example/pom.xml
@ -42,7 +42,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- JavaFX -->
--- a/jOOQ-examples/jOOQ-jpa-example/pom.xml
+++ b/jOOQ-examples/jOOQ-jpa-example/pom.xml
@ -73,7 +73,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- Testing -->
--- a/jOOQ-examples/jOOQ-oracle-example/pom.xml
+++ b/jOOQ-examples/jOOQ-oracle-example/pom.xml
@ -42,7 +42,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- Testing -->
--- a/jOOQ-examples/jOOQ-r2dbc-example/pom.xml
+++ b/jOOQ-examples/jOOQ-r2dbc-example/pom.xml
@ -12,10 +12,6 @@

    <artifactId>jooq-r2dbc-example</artifactId>
    
-    <properties>
-        <log4j.version>2.11.2</log4j.version>
-    </properties>
-
    <build>
        <plugins>
            <plugin>
@ -79,22 +75,14 @@
        <dependency>
            <groupId>io.r2dbc</groupId>
            <artifactId>r2dbc-h2</artifactId>
-            <version>0.8.4.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-slf4j18-impl</artifactId>
-            <version>${log4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-core</artifactId>
-            <version>${log4j.version}</version>
+            <artifactId>log4j-slf4j-impl</artifactId>
        </dependency>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
-            <version>4.13.1</version>
            <scope>test</scope>
        </dependency>
    </dependencies>
--- a/jOOQ-examples/jOOQ-spark-example/pom.xml
+++ b/jOOQ-examples/jOOQ-spark-example/pom.xml
@ -54,7 +54,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>
        
        <!-- Testing -->
--- a/jOOQ-examples/jOOQ-spring-example/pom.xml
+++ b/jOOQ-examples/jOOQ-spring-example/pom.xml
@ -45,7 +45,6 @@
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
-            <version>2.11.0</version>
        </dependency>

        <!-- Spring (transitive dependencies are not listed explicitly) -->
--- a/jOOQ-examples/jOOQ-testcontainers-example/pom.xml
+++ b/jOOQ-examples/jOOQ-testcontainers-example/pom.xml
@ -44,14 +44,7 @@
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-slf4j18-impl</artifactId>
-            <version>2.11.2</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-core</artifactId>
-            <version>2.11.2</version>
+            <artifactId>log4j-slf4j-impl</artifactId>
            <scope>test</scope>
        </dependency>

--- a/jOOQ-examples/jOOQ-testcontainers-flyway-example/pom.xml
+++ b/jOOQ-examples/jOOQ-testcontainers-flyway-example/pom.xml
@ -43,14 +43,7 @@
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-slf4j18-impl</artifactId>
-            <version>2.11.2</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-core</artifactId>
-            <version>2.11.2</version>
+            <artifactId>log4j-slf4j-impl</artifactId>
            <scope>test</scope>
        </dependency>

--- a/jOOQ-scala_2.13/pom.xml
+++ b/jOOQ-scala_2.13/pom.xml
@ -102,7 +102,6 @@



-


    </dependencies>
--- a/pom.xml
+++ b/pom.xml
@ -276,7 +276,7 @@



-            <!-- Optional logging dependency -->
+            <!-- Optional logging dependencies -->
            <dependency>
                <groupId>org.slf4j</groupId>
                <artifactId>slf4j-api</artifactId>
@ -284,6 +284,13 @@
                <scope>provided</scope>
                <optional>true</optional>
            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-slf4j-impl</artifactId>
+                <version>2.15.0</version>
+                <scope>provided</scope>
+                <optional>true</optional>
+            </dependency>

            <!-- Optional JPA dependency -->
            <dependency>