commit eb2de1fcbe46ddd013b782ce8f6597bf18844724
author Matt Sicker <boards@gmail.com> Mon Dec 20 21:52:20 2021 -0600
committer Matt Sicker <boards@gmail.com> Mon Dec 20 21:52:20 2021 -0600
tree 614190d3bd65bb604023977f6bfd300fd96a13bf
parent 7be1b7997daf6b00ff5a8ae4ecda911e0e87cc3c

Update log4j to 2.17.0

README.md

diff --git a/README.md b/README.md
index 505436c..d693b1d 100644
--- a/README.md
+++ b/README.md
@@ -15,8 +15,8 @@
 
 ```groovy
 compile "org.apache.logging.log4j:log4j-api-kotlin:1.2.0"
-compile "org.apache.logging.log4j:log4j-api:2.16.0"
-compile "org.apache.logging.log4j:log4j-core:2.16.0"
+compile "org.apache.logging.log4j:log4j-api:2.17.0"
+compile "org.apache.logging.log4j:log4j-core:2.17.0"
 ```
 
 ## Documentation
@@ -28,7 +28,7 @@
 
 ## Requirements
 
-Log4j Kotlin API requires at least Java 7. This also requires Log4j 2 API, but it is specified as transitive
+Log4j Kotlin API requires at least Java 8. This also requires Log4j 2 API, but it is specified as transitive
 dependencies automatically if you are using SBT, Maven, Gradle, or some other similar build system. This also
 requires Log4j 2 Core (or possibly an other implementation of Log4j 2 API) as a runtime dependency. Some
 Log4j 2 Core features require optional dependencies which are documented in the 

pom.xml

diff --git a/pom.xml b/pom.xml
index af16619..8d4559e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,7 +31,6 @@
   <name>Apache Log4j Kotlin API Parent</name>
   <description>Apache Log4j Kotlin API parent project</description>
 
-  <!-- TODO: website publishing -->
   <url>https://logging.apache.org/log4j/kotlin/</url>
   <scm>
     <connection>scm:git:https://gitbox.apache.org/repos/asf/logging-log4j-kotlin.git</connection>
@@ -60,7 +59,7 @@
     <jxr.plugin.version>2.5</jxr.plugin.version>
     <kotlin.version>1.3.72</kotlin.version>
     <kotlinx.coroutines.version>1.3.6</kotlinx.coroutines.version>
-    <log4j.version>2.16.0</log4j.version>
+    <log4j.version>2.17.0</log4j.version>
     <pmd.plugin.version>3.8</pmd.plugin.version>
     <rat.plugin.version>0.12</rat.plugin.version>
     <site.plugin.version>3.4</site.plugin.version>

src/changes/changes.xml

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 9f4b3c7..c941054 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -30,9 +30,10 @@
          - "update" - Change
          - "remove" - Removed
     -->
-    <release version="1.2.0" date="2021-12-13" description="Release 1.2.0">
+    <release version="1.2.0" date="2021-12-20" description="Release 1.2.0">
       <action issue="LOG4J2-3218" dev="rgupta" type="update">
-        Update Log4j dependency to 2.16.0.
+        Update Log4j dependency to 2.17.0. Includes dependency updates to resolve
+        CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105.
       </action>
     </release>
     <release version="1.1.0" date="2021-08-28" description="Release 1.1.0">