cve-2021-45046 - Upgrade to log4j 2.16 #81867

2knarf · 2021-12-17T14:33:01Z

Seems like log4j 2.16 now needs to be used.

https://www.lunasec.io/docs/blog/log4j-zero-day-severity-of-cve-2021-45046-increased/

elasticmachine · 2021-12-17T17:04:22Z

Pinging @elastic/es-core-infra (Team:Core/Infra)

grcevski · 2021-12-17T19:21:09Z

Thanks @2knarf, please see the following PR and discussion #81759.

costin · 2021-12-19T08:32:18Z

Superseded through #81902 - Upgrade to Log4J 2.17.0

2knarf added >bug needs:triage Requires assignment of a team area label labels Dec 17, 2021

DJRickyB mentioned this issue Dec 17, 2021

Upgrade log4j to 2.16.0 #81759

Closed

DJRickyB added :Core/Infra/Logging Log management and logging utilities dependencies and removed >bug needs:triage Requires assignment of a team area label labels Dec 17, 2021

elasticmachine added the Team:Core/Infra Meta label for core/infra team label Dec 17, 2021

costin closed this as completed Dec 19, 2021

tormi mentioned this issue Dec 28, 2021

Elasticsearch version 7.16.2 is not supported in Lando 3.6.0 wunderio/drupal-project#249

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cve-2021-45046 - Upgrade to log4j 2.16 #81867

cve-2021-45046 - Upgrade to log4j 2.16 #81867

2knarf commented Dec 17, 2021

elasticmachine commented Dec 17, 2021

grcevski commented Dec 17, 2021

costin commented Dec 19, 2021

cve-2021-45046 - Upgrade to log4j 2.16 #81867

cve-2021-45046 - Upgrade to log4j 2.16 #81867

Comments

2knarf commented Dec 17, 2021

elasticmachine commented Dec 17, 2021

grcevski commented Dec 17, 2021

costin commented Dec 19, 2021