Bump: log4j to 2.15.0

[kimtruth]

📜 Description

Bump log4j-api,log4j-core from 2.13.3 to 2.15.0

💡 Motivation and Context

CVE-2021-44228
Log4j versions prior to 2.15.0 are subject to a remote code execution vulnerability via the ldap JNDI parser.

💚 How did you test it?

📝 Checklist

• I reviewed the submitted code
• I added tests to verify the changes
• I updated the docs if needed
• No breaking changes

🔮 Next steps

[codecov-commenter]

Codecov Report

Merging #1839 (a8a3c77) into main (b182c6e) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main    #1839   +/-   ##
=========================================
  Coverage     75.69%   75.69%           
  Complexity     2194     2194           
=========================================
  Files           218      218           
  Lines          7810     7810           
  Branches        828      828           
=========================================
  Hits           5912     5912           
  Misses         1496     1496           
  Partials        402      402           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b182c6e...a8a3c77. Read the comment docs.

[maciejwalkowiak]

Thanks!

[bruno-garcia]

Thanks!

[zagorulkinde]

Hello, is it version had been updated on central? 5.0.5 does not have this CVE? Thanks in advance.

[marandaneto]

Hello, is it version had been updated on central? 5.0.5 does not have this CVE? Thanks in advance.

https://github.com/getsentry/sentry-java/releases/tag/5.5.0