Apache Log4j 远程代码执行漏洞 版本更新

dgtis-modules/dgtis-modules-data/pom.xml

@@ -92,6 +92,12 @@
             <groupId>com.arronlong</groupId>
             <artifactId>httpclientutil</artifactId>
             <version>1.0.4</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>log4j</groupId>
+                    <artifactId>log4j</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <!--        工具集-->
         <dependency>

pom.xml

@@ -34,7 +34,7 @@
         <minio.version>8.0.3</minio.version>
 		<poi.version>3.17</poi.version>
         <common-pool.version>2.6.2</common-pool.version>
-
+        <log4j2.version>2.17.0</log4j2.version>
         <!--docker 部署配置 start-->
         <namespace>shanghailifeecif</namespace>
         <!--开发环境docker 地址-->
@@ -44,7 +44,16 @@
     <!-- 依赖声明 -->
     <dependencyManagement>
         <dependencies>
-
+<!--            <dependency>-->
+<!--                <groupId>org.springframework.boot</groupId>-->
+<!--                <artifactId>spring-boot-starter</artifactId>-->
+<!--                <exclusions>-->
+<!--                    <exclusion>-->
+<!--                        <groupId>org.springframework.boot</groupId>-->
+<!--                        <artifactId>spring-boot-starter-logging</artifactId>-->
+<!--                    </exclusion>-->
+<!--                </exclusions>-->
+<!--            </dependency>-->
             <!-- SpringCloud 微服务 -->
             <dependency>
                 <groupId>org.springframework.cloud</groupId>
@@ -202,7 +211,45 @@
                 <artifactId>dgtis-api-system</artifactId>
                 <version>${dgtis.version}</version>
             </dependency>
-			
+
+    <!-- log4j 依赖 -->
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-slf4j-impl</artifactId>
+                <version>${log4j2.version}</version>
+                <scope>compile</scope>
+                <exclusions>
+                    <exclusion>
+                        <artifactId>log4j-api</artifactId>
+                        <groupId>org.apache.logging.log4j</groupId>
+                    </exclusion>
+                    <exclusion>
+                        <artifactId>log4j-core</artifactId>
+                        <groupId>org.apache.logging.log4j</groupId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-api</artifactId>
+                <version>${log4j2.version}</version>
+                <scope>compile</scope>
+            </dependency>
+
+
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-core</artifactId>
+                <version>${log4j2.version}</version>
+                <scope>compile</scope>
+                <exclusions>
+                    <exclusion>
+                        <artifactId>log4j-api</artifactId>
+                        <groupId>org.apache.logging.log4j</groupId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
         </dependencies>
     </dependencyManagement>