Merge branch 'stable-2.14' into stable-2.15

* stable-2.14:
  Update log4j2 version to 2.17.0
  Update log4j2 version to 2.16.0 to fix CVE-2021-44228

Change-Id: Ica91950a62efe378b491af8e53fc6ac873c6f179
diff --git a/external_plugin_deps.bzl b/external_plugin_deps.bzl
index ceca8a6..7d9fdd6 100644
--- a/external_plugin_deps.bzl
+++ b/external_plugin_deps.bzl
@@ -52,24 +52,24 @@
         sha1 = "31cdf122e000322e9efcb38913e9ab07825b17ef",
     )
 
-    LOG4J2_VERS = "2.11.1"
+    LOG4J2_VERS = "2.17.0"
 
     maven_jar(
         name = "log4j-slf4j-impl",
         artifact = "org.apache.logging.log4j:log4j-slf4j-impl:" + LOG4J2_VERS,
-        sha1 = "4b41b53a3a2d299ce381a69d165381ca19f62912",
+        sha1 = "1ec25ce0254749c94549ea9c3cea34bd0488c9c6",
     )
 
     maven_jar(
         name = "log4j-core",
         artifact = "org.apache.logging.log4j:log4j-core:" + LOG4J2_VERS,
-        sha1 = "592a48674c926b01a9a747c7831bcd82a9e6d6e4",
+        sha1 = "fe6e7a32c1228884b9691a744f953a55d0dd8ead",
     )
 
     maven_jar(
         name = "log4j-api",
         artifact = "org.apache.logging.log4j:log4j-api:" + LOG4J2_VERS,
-        sha1 = "268f0fe4df3eefe052b57c87ec48517d64fb2a10",
+        sha1 = "bbd791e9c8c9421e45337c4fe0a10851c086e36c",
     )
 
     maven_jar(