From dbccbdbffe69f79dc2aa912671e0ca6fce22698c Mon Sep 17 00:00:00 2001
From: owaiskazi19 <owaiskazi19@gmail.com>
Date: Tue, 16 May 2023 17:40:14 +0000
Subject: [PATCH] Update logj4 to 2.20.0

Signed-off-by: owaiskazi19 <owaiskazi19@gmail.com>
---
 CHANGELOG.md                                                  | 1 +
 buildSrc/version.properties                                   | 3 +--
 libs/core/build.gradle                                        | 3 +++
 libs/core/licenses/log4j-api-2.17.1.jar.sha1                  | 1 -
 libs/core/licenses/log4j-api-2.20.0.jar.sha1                  | 1 +
 .../licenses/log4j-1.2-api-2.17.1.jar.sha1                    | 1 -
 .../licenses/log4j-1.2-api-2.20.0.jar.sha1                    | 1 +
 plugins/discovery-ec2/licenses/log4j-1.2-api-2.17.1.jar.sha1  | 1 -
 plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1  | 1 +
 plugins/discovery-gce/licenses/log4j-1.2-api-2.17.1.jar.sha1  | 1 -
 plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1  | 1 +
 plugins/repository-gcs/licenses/log4j-1.2-api-2.17.1.jar.sha1 | 1 -
 plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1 | 1 +
 .../repository-hdfs/licenses/log4j-slf4j-impl-2.17.1.jar.sha1 | 1 -
 .../repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1 | 1 +
 plugins/repository-s3/licenses/log4j-1.2-api-2.17.1.jar.sha1  | 1 -
 plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1  | 1 +
 server/build.gradle                                           | 4 ++++
 server/licenses/log4j-api-2.17.1.jar.sha1                     | 1 -
 server/licenses/log4j-api-2.20.0.jar.sha1                     | 1 +
 server/licenses/log4j-core-2.17.1.jar.sha1                    | 1 -
 server/licenses/log4j-core-2.20.0.jar.sha1                    | 1 +
 server/licenses/log4j-jul-2.17.1.jar.sha1                     | 1 -
 server/licenses/log4j-jul-2.20.0.jar.sha1                     | 1 +
 24 files changed, 19 insertions(+), 12 deletions(-)
 delete mode 100644 libs/core/licenses/log4j-api-2.17.1.jar.sha1
 create mode 100644 libs/core/licenses/log4j-api-2.20.0.jar.sha1
 delete mode 100644 plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.17.1.jar.sha1
 create mode 100644 plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
 delete mode 100644 plugins/discovery-ec2/licenses/log4j-1.2-api-2.17.1.jar.sha1
 create mode 100644 plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
 delete mode 100644 plugins/discovery-gce/licenses/log4j-1.2-api-2.17.1.jar.sha1
 create mode 100644 plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
 delete mode 100644 plugins/repository-gcs/licenses/log4j-1.2-api-2.17.1.jar.sha1
 create mode 100644 plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
 delete mode 100644 plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.17.1.jar.sha1
 create mode 100644 plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
 delete mode 100644 plugins/repository-s3/licenses/log4j-1.2-api-2.17.1.jar.sha1
 create mode 100644 plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
 delete mode 100644 server/licenses/log4j-api-2.17.1.jar.sha1
 create mode 100644 server/licenses/log4j-api-2.20.0.jar.sha1
 delete mode 100644 server/licenses/log4j-core-2.17.1.jar.sha1
 create mode 100644 server/licenses/log4j-core-2.20.0.jar.sha1
 delete mode 100644 server/licenses/log4j-jul-2.17.1.jar.sha1
 create mode 100644 server/licenses/log4j-jul-2.20.0.jar.sha1

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f8617ea253804..01a0fd092fe6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -113,6 +113,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - Bump `com.google.guava:guava` from 30.1.1-jre to 31.1-jre (#7565)
 - Bump `com.azure:azure-storage-common` from 12.20.0 to 12.21.0 (#7566)
 - Bump `org.apache.commons:commons-compress` from 1.22 to 1.23.0 (#7563)
+- Bump `log4j-core` from 2.17.1 to 2.20.0 ([#7586](https://github.com/opensearch-project/OpenSearch/pull/7586))
 
 ### Changed
 - Enable `./gradlew build` on MacOS by disabling bcw tests ([#7303](https://github.com/opensearch-project/OpenSearch/pull/7303))
diff --git a/buildSrc/version.properties b/buildSrc/version.properties
index 195050939b11d..cca419812a712 100644
--- a/buildSrc/version.properties
+++ b/buildSrc/version.properties
@@ -13,8 +13,7 @@ jackson_databind  = 2.15.0
 snakeyaml         = 2.0
 icu4j             = 70.1
 supercsv          = 2.4.0
-# Update to 2.17.2+ is breaking OpenSearchJsonLayout (see https://issues.apache.org/jira/browse/LOG4J2-3562)
-log4j             = 2.17.1
+log4j             = 2.20.0
 slf4j             = 1.7.36
 asm               = 9.5
 jettison          = 1.5.4
diff --git a/libs/core/build.gradle b/libs/core/build.gradle
index 696ea11f5be50..031a9155a3a98 100644
--- a/libs/core/build.gradle
+++ b/libs/core/build.gradle
@@ -107,6 +107,9 @@ tasks.named("thirdPartyAudit").configure {
     'org.osgi.framework.BundleActivator',
     'org.osgi.framework.BundleContext',
     'org.osgi.framework.BundleEvent',
+    'org.osgi.framework.FrameworkUtil',
+    'org.osgi.framework.ServiceRegistration',
+    'org.osgi.framework.ServiceReference',
     'org.osgi.framework.SynchronousBundleListener',
     'org.osgi.framework.wiring.BundleWire',
     'org.osgi.framework.wiring.BundleWiring'
diff --git a/libs/core/licenses/log4j-api-2.17.1.jar.sha1 b/libs/core/licenses/log4j-api-2.17.1.jar.sha1
deleted file mode 100644
index 9d0e5dc631ed5..0000000000000
--- a/libs/core/licenses/log4j-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-d771af8e336e372fb5399c99edabe0919aeaf5b2
\ No newline at end of file
diff --git a/libs/core/licenses/log4j-api-2.20.0.jar.sha1 b/libs/core/licenses/log4j-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..37154d9861ac0
--- /dev/null
+++ b/libs/core/licenses/log4j-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+1fe6082e660daf07c689a89c94dc0f49c26b44bb
\ No newline at end of file
diff --git a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.17.1.jar.sha1 b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.17.1.jar.sha1
deleted file mode 100644
index 23aa5c60bd596..0000000000000
--- a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-db3a7e7f07e878b92ac4a8f1100bee8325d5713a
\ No newline at end of file
diff --git a/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..9829576d38ce0
--- /dev/null
+++ b/plugins/discovery-azure-classic/licenses/log4j-1.2-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.17.1.jar.sha1 b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.17.1.jar.sha1
deleted file mode 100644
index 23aa5c60bd596..0000000000000
--- a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-db3a7e7f07e878b92ac4a8f1100bee8325d5713a
\ No newline at end of file
diff --git a/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..9829576d38ce0
--- /dev/null
+++ b/plugins/discovery-ec2/licenses/log4j-1.2-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/discovery-gce/licenses/log4j-1.2-api-2.17.1.jar.sha1 b/plugins/discovery-gce/licenses/log4j-1.2-api-2.17.1.jar.sha1
deleted file mode 100644
index 23aa5c60bd596..0000000000000
--- a/plugins/discovery-gce/licenses/log4j-1.2-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-db3a7e7f07e878b92ac4a8f1100bee8325d5713a
\ No newline at end of file
diff --git a/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..9829576d38ce0
--- /dev/null
+++ b/plugins/discovery-gce/licenses/log4j-1.2-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/repository-gcs/licenses/log4j-1.2-api-2.17.1.jar.sha1 b/plugins/repository-gcs/licenses/log4j-1.2-api-2.17.1.jar.sha1
deleted file mode 100644
index 23aa5c60bd596..0000000000000
--- a/plugins/repository-gcs/licenses/log4j-1.2-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-db3a7e7f07e878b92ac4a8f1100bee8325d5713a
\ No newline at end of file
diff --git a/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..9829576d38ce0
--- /dev/null
+++ b/plugins/repository-gcs/licenses/log4j-1.2-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.17.1.jar.sha1 b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.17.1.jar.sha1
deleted file mode 100644
index 894ed8d886c3f..0000000000000
--- a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-84692d456bcce689355d33d68167875e486954dd
\ No newline at end of file
diff --git a/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1 b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..800a4aa87ba0e
--- /dev/null
+++ b/plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.20.0.jar.sha1
@@ -0,0 +1 @@
+7ab4f082fd162f60afcaf2b8744a3d959feab3e8
\ No newline at end of file
diff --git a/plugins/repository-s3/licenses/log4j-1.2-api-2.17.1.jar.sha1 b/plugins/repository-s3/licenses/log4j-1.2-api-2.17.1.jar.sha1
deleted file mode 100644
index 23aa5c60bd596..0000000000000
--- a/plugins/repository-s3/licenses/log4j-1.2-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-db3a7e7f07e878b92ac4a8f1100bee8325d5713a
\ No newline at end of file
diff --git a/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1 b/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..9829576d38ce0
--- /dev/null
+++ b/plugins/repository-s3/licenses/log4j-1.2-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+689151374756cb809cb029f2501015bdc7733179
\ No newline at end of file
diff --git a/server/build.gradle b/server/build.gradle
index 474d6eb0efead..727ac6afa37d5 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -264,7 +264,9 @@ tasks.named("thirdPartyAudit").configure {
             'com.lmax.disruptor.LifecycleAware',
             'com.lmax.disruptor.RingBuffer',
             'com.lmax.disruptor.Sequence',
+            'com.lmax.disruptor.SequenceBarrier',
             'com.lmax.disruptor.SequenceReportingEventHandler',
+            'com.lmax.disruptor.TimeoutException',
             'com.lmax.disruptor.WaitStrategy',
             'com.lmax.disruptor.dsl.Disruptor',
             'com.lmax.disruptor.dsl.ProducerType',
@@ -293,6 +295,7 @@ tasks.named("thirdPartyAudit").configure {
             'org.apache.commons.csv.QuoteMode',
             'org.apache.kafka.clients.producer.Producer',
             'org.apache.kafka.clients.producer.RecordMetadata',
+            'org.apache.kafka.common.serialization.ByteArraySerializer',
             'org.codehaus.stax2.XMLStreamWriter2',
             'org.jctools.queues.MpscArrayQueue',
             'org.osgi.framework.Bundle',
@@ -301,6 +304,7 @@ tasks.named("thirdPartyAudit").configure {
             'org.osgi.framework.BundleEvent',
             'org.osgi.framework.BundleReference',
             'org.osgi.framework.FrameworkUtil',
+            'org.osgi.framework.ServiceReference',
             'org.osgi.framework.ServiceRegistration',
             'org.osgi.framework.SynchronousBundleListener',
             'org.osgi.framework.wiring.BundleWire',
diff --git a/server/licenses/log4j-api-2.17.1.jar.sha1 b/server/licenses/log4j-api-2.17.1.jar.sha1
deleted file mode 100644
index 9d0e5dc631ed5..0000000000000
--- a/server/licenses/log4j-api-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-d771af8e336e372fb5399c99edabe0919aeaf5b2
\ No newline at end of file
diff --git a/server/licenses/log4j-api-2.20.0.jar.sha1 b/server/licenses/log4j-api-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..37154d9861ac0
--- /dev/null
+++ b/server/licenses/log4j-api-2.20.0.jar.sha1
@@ -0,0 +1 @@
+1fe6082e660daf07c689a89c94dc0f49c26b44bb
\ No newline at end of file
diff --git a/server/licenses/log4j-core-2.17.1.jar.sha1 b/server/licenses/log4j-core-2.17.1.jar.sha1
deleted file mode 100644
index 7d4634f3d4e18..0000000000000
--- a/server/licenses/log4j-core-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-779f60f3844dadc3ef597976fcb1e5127b1f343d
\ No newline at end of file
diff --git a/server/licenses/log4j-core-2.20.0.jar.sha1 b/server/licenses/log4j-core-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..49c972626563b
--- /dev/null
+++ b/server/licenses/log4j-core-2.20.0.jar.sha1
@@ -0,0 +1 @@
+eb2a9a47b1396e00b5eee1264296729a70565cc0
\ No newline at end of file
diff --git a/server/licenses/log4j-jul-2.17.1.jar.sha1 b/server/licenses/log4j-jul-2.17.1.jar.sha1
deleted file mode 100644
index 4afb381a696e9..0000000000000
--- a/server/licenses/log4j-jul-2.17.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-881333b463d47828eda7443b19811763367b1916
\ No newline at end of file
diff --git a/server/licenses/log4j-jul-2.20.0.jar.sha1 b/server/licenses/log4j-jul-2.20.0.jar.sha1
new file mode 100644
index 0000000000000..a456651e4569e
--- /dev/null
+++ b/server/licenses/log4j-jul-2.20.0.jar.sha1
@@ -0,0 +1 @@
+8170e6118eac1ab332046c179718a0f107f688e1
\ No newline at end of file