From 9a85a782c93d31ebadd171b3ddeb3ec4b50e637b Mon Sep 17 00:00:00 2001
From: BhushanRade <bhusrad1@in.ibm.com>
Date: Thu, 16 Dec 2021 13:07:12 +0530
Subject: [PATCH] log4j vuln fix

(cherry picked from commit a158dfc426d5e25aceeab10ff339c8820c634d1a)

Conflicts:
	pom.xml
	provider/notification-ibm/pom.xml
---
 pom.xml                           | 14 +++++++++++++-
 provider/notification-ibm/pom.xml |  2 +-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7243ae474..8ca030019 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,7 +25,8 @@
 		<java.version>8</java.version>
 		<maven.compiler.target>${java.version}</maven.compiler.target>
 		<maven.compiler.source>${java.version}</maven.compiler.source>
-		<os-core-common.version>0.11.0</os-core-common.version>
+		<os-core-common.version>0.12.2</os-core-common.version>
+		<log4j2.version>2.16.0</log4j2.version>
 	</properties>
 
 	<licenses>
@@ -71,6 +72,17 @@
 				<artifactId>jackson-annotations</artifactId>
 				<version>2.12.3</version>
 			</dependency>
+			
+			<dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-to-slf4j</artifactId>
+                <version>${log4j2.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>${log4j2.version}</version>
+            </dependency>
 		</dependencies>
 	</dependencyManagement>
 
diff --git a/provider/notification-ibm/pom.xml b/provider/notification-ibm/pom.xml
index 99993332c..43ff6afa5 100644
--- a/provider/notification-ibm/pom.xml
+++ b/provider/notification-ibm/pom.xml
@@ -44,7 +44,7 @@
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>os-core-lib-ibm</artifactId>
-            <version>0.12.0</version>
+            <version>0.12.1</version>
         </dependency>
 
         <dependency>
-- 
GitLab