fix for log4j upgrade to log4j 2.16.0

module pom changes	Ref Issue
IBM	osdu/platform/system/lib/cloud/ibm/os-core-lib-ibm#2 (closed)
Core	osdu/platform/system/lib/core/os-core-common#54 (closed)

Part of the #24 (closed) series

added Common Code IBM labels

assigned to @divido and @shrikgar

changed the description

Still some older versions creeping in here

Branch:  log4j-vuln-fix          
SHA:     dcfe195c29cdbe0f2f8985eee6c768a51d56b06b
Maven:   0.13.0-SNAPSHOT
CI:      _default_

Maven Dependencies	Root POM	testing/
(3rd Party) org.apache.logging.log4j.log4j-api	2.15.0, 2.16.0	2.11.1
(3rd Party) org.apache.logging.log4j.log4j-core	2.15.0
(3rd Party) org.apache.logging.log4j.log4j-jul	2.15.0
(3rd Party) org.apache.logging.log4j.log4j-slf4j-impl	2.15.0
(3rd Party) org.apache.logging.log4j.log4j-to-slf4j	2.16.0	2.11.2, 2.13.3
core-lib-azure	0.13.0-rc4
core-lib-gcp	0.7.0, 0.10.0	0.3.25
core.aws.os-core-lib-aws	0.12.0	0.12.0
os-core-common	0.13.0-rc3	0.3.18, 0.12.0
os-core-lib-ibm	0.13.0-rc4	0.12.0

---

[INFO] |  +- org.springframework.boot:spring-boot-starter-log4j2:jar:2.4.12:compile
[INFO] |  |  +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] |  |  |  \- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] |  |  +- org.apache.logging.log4j:log4j-core:jar:2.15.0:compile
[INFO] |  |  +- org.apache.logging.log4j:log4j-jul:jar:2.15.0:compile

@divido We have addressed core changes and IBM changes in this MR. The above older versions you see are from azure and gcp which ideally should be fixed whey they upgrade their respective core-lib

approved this merge request

mentioned in commit 20a51f44

merged

mentioned in merge request !124 (merged)

added MRBugfix Vulnerability Management labels

changed milestone to %M10 - Release 0.13