Bump version of log4j-api and log4j-core

[agocs]

What does this PR do?

This bumps the versions of log4j-api and log4j-core that were imported for testing. The old versions of log4j were found to be susceptible to a remote code execution attack. See the following resources for more info:

• https://www.lunasec.io/docs/blog/log4j-zero-day/
• https://www.randori.com/blog/cve-2021-44228/
• CVE-2021-44228

datadog-lambda-java only uses log4j in testing, and the log4j dependency does not make it into the published library. Regardless, we are going to cut a new version to be safe.

Motivation

Testing Guidelines

Additional Notes

Types of changes

• [x] Bug fix
• [ ] New feature
• [ ] Breaking change
• [ ] Misc (docs, refactoring, dependency upgrade, etc.)

Checklist

• [x] This PR's description is comprehensive
• [ ] This PR contains breaking changes that are documented in the description
• [ ] This PR introduces new APIs or parameters that are documented and unlikely to change in the foreseeable future
• [ ] This PR impacts documentation, and it has been updated (or a ticket has been logged)
• [ ] This PR's changes are covered by the automated tests
• [ ] This PR collects user input/sensitive content into Datadog