Update log4j to deal with CVE-2021-44228 Change-Id: Ie8772b0275433e0c2a302a87c43bae4db0ec8219

commit: 849199f04926b911745ee9dce660e8b0934fe7e3 [log] [tgz]
author: Akron <nils@diewald-online.de> Fri Dec 10 11:52:38 2021 +0100
committer: Akron <nils@diewald-online.de> Fri Dec 10 11:52:38 2021 +0100
tree: f11b0581680770618d55017f14ccb46a4057d824
parent: 9938c0e8b94c3ad52e37499177d8e3b093c4b18b [diff]
diff --git a/Changes b/Changes
index 84e4bed..f8af8a2 100644
--- a/Changes
+++ b/Changes

@@ -1,11 +1,12 @@
-0.37 2021-06-24
+0.37 2021-12-10
     - [feature] Introduced query references in Poliqarp (diewald)
     - [bugfix] Ignore empty corpus queries (diewald)
     - [bugfix] Fix handling of apostrophes in multiword and regex
       values in virtual corpora (#85; diewald)
     - [feature] Added getVersion() and getName() methods (diewald)
-    - [bugfix] Updated plexus-utils used in antlr4-maven-plugin 
+    - [security] Updated plexus-utils used in antlr4-maven-plugin 
       manually due to CVE-2017-1000487 (margaretha)
+    - [security] Updated log4j due to CVE-2021-44228 (diewald)
 
 0.36 2020-07-24
     - [security] Upgraded version of Google Guava

diff --git a/pom.xml b/pom.xml
index b6e74d5..6d03fb7 100644
--- a/pom.xml
+++ b/pom.xml

@@ -40,7 +40,7 @@
 		<antlr4.version>4.9.2</antlr4.version>
 		<antlr3.version>3.5.2</antlr3.version>
 		<java.version>1.8</java.version>
-		<log4j.version>2.14.1</log4j.version>
+		<log4j.version>[2.15.0,)</log4j.version>
 	</properties>
 	
 	<repositories>
commit	849199f04926b911745ee9dce660e8b0934fe7e3	[log] [tgz]
author	Akron <nils@diewald-online.de>	Fri Dec 10 11:52:38 2021 +0100
committer	Akron <nils@diewald-online.de>	Fri Dec 10 11:52:38 2021 +0100
tree	f11b0581680770618d55017f14ccb46a4057d824
parent	9938c0e8b94c3ad52e37499177d8e3b093c4b18b [diff]