openstack/kolla-ansible
Code Issues Proposed changes

Merge "[Security] Add log4j vulnerability mitigation in Elasticsearch"

Browse Source
This commit is contained in:
Zuul 2021-12-20 22:10:08 +00:00 committed by Gerrit Code Review
commit 0f460f56de
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/elasticsearch/defaults/main.yml
View File

@ -38,7 +38,7 @@ elasticsearch_enable_keystone_registration: False
elasticsearch_cluster_name: "kolla_logging"
es_heap_size: "1g"
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%}"
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%} -Dlog4j2.formatMsgNoLookups=true"
#######################
# Elasticsearch Curator

5
releasenotes/notes/security-log4j-1be047799f8e590a.yaml Normal file
View File

@ -0,0 +1,5 @@
---
security:
- |
Adds mitigation for the Apache Log4j2 Remote Code Execution (RCE)
Vulnerability in Elasticsearch - CVE-2021-44228.