From 1abc9c85c0b73a3992265e4ea720902cbe8fe92b Mon Sep 17 00:00:00 2001
From: filipecosta90 <filipecosta.90@gmail.com>
Date: Mon, 20 Dec 2021 16:05:23 +0000
Subject: [PATCH] CVE-2021-45105: Bumping Log4j to 2.17.0 on elasticsearch5,
 ignite, and voltdb

---
 elasticsearch5/pom.xml | 4 ++--
 ignite/pom.xml         | 4 ++--
 voltdb/pom.xml         | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/elasticsearch5/pom.xml b/elasticsearch5/pom.xml
index 5d3ff06710..f10476cf05 100644
--- a/elasticsearch5/pom.xml
+++ b/elasticsearch5/pom.xml
@@ -165,12 +165,12 @@ LICENSE file.
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-api</artifactId>
-      <version>2.8.2</version>
+      <version>2.17.0</version>
     </dependency>
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
-      <version>2.8.2</version>
+      <version>2.17.0</version>
     </dependency>
     <dependency>
       <groupId>junit</groupId>
diff --git a/ignite/pom.xml b/ignite/pom.xml
index eabf8d67d9..7b3ed0d496 100644
--- a/ignite/pom.xml
+++ b/ignite/pom.xml
@@ -87,13 +87,13 @@ LICENSE file.
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-api</artifactId>
-      <version>2.11.0</version>
+      <version>2.17.0</version>
     </dependency>
 
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
-      <version>2.11.0</version>
+      <version>2.17.0</version>
     </dependency>
   </dependencies>
 </project>
diff --git a/voltdb/pom.xml b/voltdb/pom.xml
index ab870853ad..6c8cbd2b74 100644
--- a/voltdb/pom.xml
+++ b/voltdb/pom.xml
@@ -44,17 +44,17 @@
 		<dependency>
 			<groupId>org.apache.logging.log4j</groupId>
 			<artifactId>log4j-api</artifactId>
-			<version>2.7</version>
+			<version>2.17.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.logging.log4j</groupId>
 			<artifactId>log4j-core</artifactId>
-			<version>2.7</version>
+			<version>2.17.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.logging.log4j</groupId>
 			<artifactId>log4j-slf4j-impl</artifactId>
-			<version>2.7</version>
+			<version>2.17.0</version>
 		</dependency>
 		<!-- https://mvnrepository.com/artifact/org.voltdb/voltdbclient -->
 		<dependency>