security fix in log4j2 zero day exploit https://www.lunasec.io/docs/blog/log4j-zero-day/

bb7456f6 · Piotr Gawron · 2639e7f7 · bb7456f6 · bb7456f6
Commit bb7456f6 authored Dec 13, 2021 by Piotr Gawron
--- a/CHANGELOG
+++ b/CHANGELOG
-minerva (15.1.5) stable; urgency=medium
+minerva (15.1.5) stable; urgency=high
+  * Bug fix: security fix in log4j2 zero day exploit
+    https://www.lunasec.io/docs/blog/log4j-zero-day/
  * Bug fix: auto discovery of genomics file stopped working
  * Bug fix: better handle of 'Failed to fetch' error messages (#1565)
  * Bug fix: converter used invalid content-type charset when providing file
@@ -8,7 +10,7 @@ minerva (15.1.5) stable; urgency=medium
  * Bug fix: handle situation where there is reaction to Complex label in GPML
    format (#1570)

- -- Piotr Gawron <piotr.gawron@uni.lu>  Tue, 12 Oct 2021 9:00:00 +0200
+ -- Piotr Gawron <piotr.gawron@uni.lu>  Mon, 13 Dev 2021 9:00:00 +0200

 minerva (15.1.4) stable; urgency=medium
  * Bug fix: structural state information data was not available for complexes

--- a/pom.xml
+++ b/pom.xml
@@ -14,8 +14,9 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

-		<log4j2.version>2.11.2</log4j2.version>
-		<log4j-jcl-version>2.11.2</log4j-jcl-version>
+		<log4j2.version>2.15.0</log4j2.version>
+		<log4j-jcl-version>2.15.0</log4j-jcl-version>
+		<log4j-slf4jVersion>2.15.0</log4j-slf4jVersion>

 		<mail-version>1.4.7</mail-version>

@@ -72,7 +73,6 @@

 		<hikari.version>3.3.1</hikari.version>
 		<slf4jVersion>1.7.25</slf4jVersion>
-		<log4j-slf4jVersion>2.11.2</log4j-slf4jVersion>

 		<cglib.version>3.2.12</cglib.version>