Merge pull request #229 from splunk/log4j-2.16-CVE-2021-45046

Update log4j-core to 2.16 per CVE-2021-45046.
splunk · Dec 16, 2021 · 01cc589 · 01cc589
2 parents b717716 + 7a7882e
commit 01cc589
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,9 +1,14 @@
 # Splunk Logging for Java Changelog
 
+## Version 1.11.2
+
+### Critical Security Update
+* Upgrading log4J to 2.16 per CVE-2021-45046.
+
 ## Version 1.11.1
 
-### Minor Changes
-* Upgrading log4J per CVE-2021-44228. [PR](https://github.com/splunk/splunk-library-javalogging/pull/222)
+### Critical Security Update
+* Upgrading log4J to 2.15 per CVE-2021-44228. [PR](https://github.com/splunk/splunk-library-javalogging/pull/222)
 
 ## Version 1.11.0
 

diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
 
     <groupId>com.splunk.logging</groupId>
     <artifactId>splunk-library-javalogging</artifactId>
-    <version>1.11.1</version>
+    <version>1.11.2</version>
     <packaging>jar</packaging>
 
     <name>Splunk Logging for Java</name>
@@ -221,7 +221,7 @@
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
             <scope>provided</scope>
-            <version>2.15.0</version>
+            <version>2.16.0</version>
         </dependency>
 
         <dependency>