DEP: Update log4j

Update log4j after https://nvd.nist.gov/vuln/detail/CVE-2021-44228