Conversation

@intrigus
This removes any potential for exploitation of CVE-2021-44228.
@extremeCrazyCoder
Contributor

extremeCrazyCoder commented Dec 14, 2021

Where did you get the 2.15.1 version from? I can't build that stuff now.

The Maven repository seems to only have 2.15.0 and 2.16.0 (see https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.15.0/ )

EDIT:
For my fork I simply went up to 2.16.0 see 892d0b9

EDIT2:
I don't know how easy it is to exploit that using Workbench, but at least for the debugging mode this is quite easy, since the whole clipboard content is being logged.

@intrigus
Author

https://logging.apache.org/log4j/2.x/ says that

Log4j 2.15.1 has been released solely to disable access to JNDI by default. The CVE noted below was fixed in the 2.15.0 release. 2.15.1 is NOT a required upgrade but users may choose to use it to have confidence that JNDI will not be abused.

I just now realized that this has not yet been released...
But I hope that the release will happen soon. Otherwise I'll bump this to 2.16.0.

@extremeCrazyCoder
Contributor

Interesting, thanks.
Seems dependabot also means we should use 2.16.0.
