From 3aa73ec0fd21ce751f11c0f6fa70d8477c4534e0 Mon Sep 17 00:00:00 2001
From: Hugo Gillberg <35702510+hugil@users.noreply.github.com>
Date: Tue, 21 Dec 2021 12:36:50 +0100
Subject: [PATCH] CVE-2021-45105 addressed in Log4j 2.17.0 for Java 8 and up.

Important: Security Vulnerability CVE-2021-45105
The Log4j team has been made aware of a security vulnerability, CVE-2021-45105, that has been addressed in Log4j 2.17.0 for Java 8 and up.

Summary: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation.
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 41f478a..3af660d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
 
         <!-- Version Management -->
         <commons_cli>1.4</commons_cli>
-        <log4j2>2.16.0</log4j2>
+        <log4j2>2.17.0</log4j2>
         <junit>5.6.2</junit>
         <surefire>2.22.1</surefire>
     </properties>