From 453398a57d2f66ca0202c65435ed146cd373cfc7 Mon Sep 17 00:00:00 2001
From: Andriy Redko <andriy.redko@aiven.io>
Date: Mon, 23 Oct 2023 10:07:11 -0400
Subject: [PATCH] Bumps org.apache.logging.log4j:log4j-core from 2.20.0 to
 2.21.0

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
---
 .../src/testKit/thirdPartyAudit/sample_jars/build.gradle     | 1 +
 buildSrc/version.properties                                  | 2 +-
 libs/core/licenses/log4j-api-2.20.0.jar.sha1                 | 1 -
 libs/core/licenses/log4j-api-2.21.0.jar.sha1                 | 1 +
 plugins/crypto-kms/licenses/log4j-1.2-api-2.20.0.jar.sha1    | 1 -
 plugins/crypto-kms/licenses/log4j-1.2-api-2.21.0.jar.sha1    | 1 +
 .../licenses/log4j-1.2-api-2.20.0.jar.sha1                   | 1 -
 .../licenses/log4j-1.2-api-2.21.0.jar.sha1                   | 1 +
 plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1 | 1 -
 plugins/discovery-ec2/licenses/log4j-1.2-api-2.21.0.jar.sha1 | 1 +
 plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1 | 1 -
 plugins/discovery-gce/licenses/log4j-1.2-api-2.21.0.jar.sha1 | 1 +
 .../repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1    | 1 -
 .../repository-gcs/licenses/log4j-1.2-api-2.21.0.jar.sha1    | 1 +
 .../licenses/log4j-slf4j-impl-2.20.0.jar.sha1                | 1 -
 .../licenses/log4j-slf4j-impl-2.21.0.jar.sha1                | 1 +
 plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1 | 1 -
 plugins/repository-s3/licenses/log4j-1.2-api-2.21.0.jar.sha1 | 1 +
 qa/os/build.gradle                                           | 5 +++++
 server/build.gradle                                          | 4 +++-
 server/licenses/log4j-api-2.20.0.jar.sha1                    | 1 -
 server/licenses/log4j-api-2.21.0.jar.sha1                    | 1 +
 server/licenses/log4j-core-2.20.0.jar.sha1                   | 1 -
 server/licenses/log4j-core-2.21.0.jar.sha1                   | 1 +
 server/licenses/log4j-jul-2.20.0.jar.sha1                    | 1 -
 server/licenses/log4j-jul-2.21.0.jar.sha1                    | 1 +
 26 files changed, 21 insertions(+), 13 deletions(-)
 delete mode 100644 libs/core/licenses/log4j-api-2.20.0.jar.sha1
 create mode 100644 libs/core/licenses/log4j-api-2.21.0.jar.sha1
 delete mode 100644 plugins/crypto-kms/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/crypto-kms/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/discovery-ec2/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/discovery-gce/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/repository-gcs/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
 create mode 100644 plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.21.0.jar.sha1
 delete mode 100644 plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
 create mode 100644 plugins/repository-s3/licenses/log4j-1.2-api-2.21.0.jar.sha1
 delete mode 100644 server/licenses/log4j-api-2.20.0.jar.sha1
 create mode 100644 server/licenses/log4j-api-2.21.0.jar.sha1
 delete mode 100644 server/licenses/log4j-core-2.20.0.jar.sha1
 create mode 100644 server/licenses/log4j-core-2.21.0.jar.sha1
 delete mode 100644 server/licenses/log4j-jul-2.20.0.jar.sha1
 create mode 100644 server/licenses/log4j-jul-2.21.0.jar.sha1

diff --git a/buildSrc/src/testKit/thirdPartyAudit/sample_jars/build.gradle b/buildSrc/src/testKit/thirdPartyAudit/sample_jars/build.gradle
index 52ec539dd50ba..74c88e0961c9c 100644
--- a/buildSrc/src/testKit/thirdPartyAudit/sample_jars/build.gradle
+++ b/buildSrc/src/testKit/thirdPartyAudit/sample_jars/build.gradle
@@ -15,6 +15,7 @@ plugins {
 repositories {
   mavenCentral()
 }
+
 dependencies {
   implementation "org.apache.logging.log4j:log4j-core:2.21.0"
 }
diff --git a/buildSrc/version.properties b/buildSrc/version.properties
index a5171aa582a86..96d398c35851d 100644
--- a/buildSrc/version.properties
+++ b/buildSrc/version.properties
@@ -14,7 +14,7 @@ jackson_databind  = 2.15.2
 snakeyaml         = 2.1
 icu4j             = 70.1
 supercsv          = 2.4.0
-log4j             = 2.20.0
+log4j             = 2.21.0
 slf4j             = 1.7.36
 asm               = 9.6
 jettison          = 1.5.4
diff --git a/libs/core/licenses/log4j-api-2.20.0.jar.sha1 b/libs/core/licenses/log4j-api-2.20.0.jar.sha1
deleted file mode 100644
index 37154d9861ac0..0000000000000
--- a/libs/core/licenses/log4j-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-1fe6082e660daf07c689a89c94dc0f49c26b44bb
\ No newline at end of file
diff --git a/libs/core/licenses/log4j-api-2.21.0.jar.sha1 b/libs/core/licenses/log4j-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..51446052594aa
--- /dev/null
+++ b/libs/core/licenses/log4j-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+760192f2b69eacf4a4afc78e5a1d7a8de054fcbd
\ No newline at end of file
diff --git a/plugins/crypto-kms/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/crypto-kms/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/crypto-kms/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/crypto-kms/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/crypto-kms/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/crypto-kms/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/discovery-gce/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/discovery-gce/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/discovery-gce/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/repository-gcs/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/repository-gcs/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/repository-gcs/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1 b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
deleted file mode 100644
index 800a4aa87ba0e..0000000000000
--- a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-7ab4f082fd162f60afcaf2b8744a3d959feab3e8
\ No newline at end of file
diff --git a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.21.0.jar.sha1 b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..0e22f98daa61c
--- /dev/null
+++ b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.21.0.jar.sha1
@@ -0,0 +1 @@
+911fdb5b1a1df36719c579ecc6f2957b88bce1ab
\ No newline at end of file
diff --git a/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
deleted file mode 100644
index 9829576d38ce0..0000000000000
--- a/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/repository-s3/licenses/log4j-1.2-api-2.21.0.jar.sha1 b/plugins/repository-s3/licenses/log4j-1.2-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..39d9177cb2fac
--- /dev/null
+++ b/plugins/repository-s3/licenses/log4j-1.2-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+12bad3819a9570807f3c97315930699584c12152
\ No newline at end of file
diff --git a/qa/os/build.gradle b/qa/os/build.gradle
index 66c6525439dac..082ed5277575a 100644
--- a/qa/os/build.gradle
+++ b/qa/os/build.gradle
@@ -70,6 +70,11 @@ tasks.dependenciesInfo.enabled = false
 
 tasks.thirdPartyAudit.ignoreMissingClasses()
 
+tasks.thirdPartyAudit.ignoreViolations(
+  'org.apache.logging.log4j.core.util.internal.UnsafeUtil',
+  'org.apache.logging.log4j.core.util.internal.UnsafeUtil$1'
+)
+
 tasks.register('destructivePackagingTest') {
   dependsOn 'destructiveDistroTest'
 }
diff --git a/server/build.gradle b/server/build.gradle
index f6db3d53a0dcc..c56f9d5aa288f 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -364,7 +364,9 @@ tasks.named("thirdPartyAudit").configure {
             'com.google.protobuf.UnsafeUtil$Android32MemoryAccessor',
             'com.google.protobuf.UnsafeUtil$Android64MemoryAccessor',
             'com.google.protobuf.UnsafeUtil$JvmMemoryAccessor',
-            'com.google.protobuf.UnsafeUtil$MemoryAccessor'
+            'com.google.protobuf.UnsafeUtil$MemoryAccessor',
+            'org.apache.logging.log4j.core.util.internal.UnsafeUtil',
+            'org.apache.logging.log4j.core.util.internal.UnsafeUtil$1'
     )
 }
 
diff --git a/server/licenses/log4j-api-2.20.0.jar.sha1 b/server/licenses/log4j-api-2.20.0.jar.sha1
deleted file mode 100644
index 37154d9861ac0..0000000000000
--- a/server/licenses/log4j-api-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-1fe6082e660daf07c689a89c94dc0f49c26b44bb
\ No newline at end of file
diff --git a/server/licenses/log4j-api-2.21.0.jar.sha1 b/server/licenses/log4j-api-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..51446052594aa
--- /dev/null
+++ b/server/licenses/log4j-api-2.21.0.jar.sha1
@@ -0,0 +1 @@
+760192f2b69eacf4a4afc78e5a1d7a8de054fcbd
\ No newline at end of file
diff --git a/server/licenses/log4j-core-2.20.0.jar.sha1 b/server/licenses/log4j-core-2.20.0.jar.sha1
deleted file mode 100644
index 49c972626563b..0000000000000
--- a/server/licenses/log4j-core-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-eb2a9a47b1396e00b5eee1264296729a70565cc0
\ No newline at end of file
diff --git a/server/licenses/log4j-core-2.21.0.jar.sha1 b/server/licenses/log4j-core-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..c88e6f7a25ca9
--- /dev/null
+++ b/server/licenses/log4j-core-2.21.0.jar.sha1
@@ -0,0 +1 @@
+122e1a9e0603cc9eae07b0846a6ff01f2454bc49
\ No newline at end of file
diff --git a/server/licenses/log4j-jul-2.20.0.jar.sha1 b/server/licenses/log4j-jul-2.20.0.jar.sha1
deleted file mode 100644
index a456651e4569e..0000000000000
--- a/server/licenses/log4j-jul-2.20.0.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-8170e6118eac1ab332046c179718a0f107f688e1
\ No newline at end of file
diff --git a/server/licenses/log4j-jul-2.21.0.jar.sha1 b/server/licenses/log4j-jul-2.21.0.jar.sha1
new file mode 100644
index 0000000000000..480010840abca
--- /dev/null
+++ b/server/licenses/log4j-jul-2.21.0.jar.sha1
@@ -0,0 +1 @@
+f0da61113f4a47654677e6a98b1e13ca7de2483d
\ No newline at end of file