Bump org.apache.logging.log4j dependency set from 2.17.1 to 2.19.0

Bumps `org.apache.logging.log4j` dependency set from 2.17.1 to 2.19.0. Updates `log4j-api` from 2.17.1 to 2.19.0 Updates `log4j-to-slf4j` from 2.17.1 to 2.19.0 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-api dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.logging.log4j:log4j-to-slf4j dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
hmcts · Feb 6, 2023 · 524bab3 · 524bab3
1 parent 6f88fed
commit 524bab3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/build.gradle b/build.gradle
@@ -161,7 +161,7 @@ allprojects {
                 entry 'tomcat-embed-el'
             }
             //CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
-            dependencySet(group: 'org.apache.logging.log4j', version: '2.17.1') {
+            dependencySet(group: 'org.apache.logging.log4j', version: '2.19.0') {
                 entry 'log4j-api'
                 entry 'log4j-to-slf4j'
             }