CooperativeHumanTissueNetwork / chtn_ped-shiplog-extractor


Upgrade Log4J - Security Advisory #1

Open cosmocracy opened 4 years ago

cosmocracy commented 4 years ago

This project has a dependency on Log4J. The version used (1.2.x) has a security advisory related to the socket server listener/appender. This is not used but it's worth upping the rev of Log4J just to avoid confusion/concern.

See: https://logging.apache.org/log4j/2.x/manual/migration.html

cosmocracy commented 4 years ago

[image]

cosmocracy commented 4 years ago

(In GitHub I dismissed the warning/alert and marked that we are not using the vulnerable portions of the code.)