From 0f602c5c5990ae4789e4d7742f41ea976e77eae7 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Sun, 12 Dec 2021 14:11:38 +0000 Subject: [PATCH] Bump log4j and testcontainers to avoid log4j CVE (#89) * fix: pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720 * Bump testcontainers version to allow tests to pass Co-authored-by: Asaf Mesika --- pom.xml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index 256fc77..df73d91 100644 --- a/pom.xml +++ b/pom.xml @@ -141,11 +141,10 @@ 4.13.1 test - org.testcontainers testcontainers - 1.14.3 + 1.16.2 test @@ -164,12 +163,12 @@ org.apache.logging.log4j log4j-slf4j-impl - 2.13.3 + 2.15.0 org.apache.logging.log4j log4j-core - 2.13.3 + 2.15.0 com.jayway.awaitility