STORM-3810: bumping log4j.version to 2.17.0 and disruptor.version to 3.4.4 (CVE-2021-44228, CVE-2021-45046) (#3427) * CVE-2021-44228: bumping log4j.version to 2.17.0 and disruptor.version to 3.4.4 Co-authored-by: Paolo Cancedda <paolo.cancedda@primeur.com>

commit: 3c5e897448d79b81a8d05a1aa124dcab16c87efd [log] [tgz]
author: Paolo Cancedda <paolo.cancedda@gmail.com> Mon Dec 20 18:56:14 2021 +0100
committer: GitHub <noreply@github.com> Mon Dec 20 11:56:14 2021 -0600
tree: c564846d34ca35b19536fc99676b14ebd3c83967
parent: 07ee99be02993d4d96f6b028351b9ce59c08f6b2 [diff]
diff --git a/pom.xml b/pom.xml
index c5a4139..ddaad4f 100644
--- a/pom.xml
+++ b/pom.xml

@@ -241,12 +241,12 @@
         <snakeyaml.version>1.11</snakeyaml.version>
         <httpclient.version>4.3.3</httpclient.version>
         <clojure.tools.cli.version>0.2.4</clojure.tools.cli.version>
-        <disruptor.version>3.3.11</disruptor.version>
+        <disruptor.version>3.4.4</disruptor.version>
         <jgrapht.version>0.9.0</jgrapht.version>
         <guava.version>16.0.1</guava.version>
         <netty.version>3.9.9.Final</netty.version>
         <log4j-over-slf4j.version>1.6.6</log4j-over-slf4j.version>
-        <log4j.version>2.8.2</log4j.version>
+        <log4j.version>2.17.0</log4j.version>
         <slf4j.version>1.7.21</slf4j.version>
         <metrics.version>3.1.0</metrics.version>
         <clojure.tools.nrepl.version>0.2.3</clojure.tools.nrepl.version>
commit	3c5e897448d79b81a8d05a1aa124dcab16c87efd	[log] [tgz]
author	Paolo Cancedda <paolo.cancedda@gmail.com>	Mon Dec 20 18:56:14 2021 +0100
committer	GitHub <noreply@github.com>	Mon Dec 20 11:56:14 2021 -0600
tree	c564846d34ca35b19536fc99676b14ebd3c83967
parent	07ee99be02993d4d96f6b028351b9ce59c08f6b2 [diff]