Update log4j dependency

Description

The version of log4j that we currently use suffers from CVE-2020-9488 (which relates to SMTP, which we're not using by default).

The dependency should be updated.

Environment

None
Fixed

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen