You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Address log4j2 remote code execution vulnerability, acknowledging that, according to ElasticSearch, "Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster."
Add -Dlog4j2.formatMsgNoLookups=true to elasticsearch docker container environment variables in docker-compose.yml files per the Elastic Search recommendations above.
The text was updated successfully, but these errors were encountered:
Address log4j2 remote code execution vulnerability, acknowledging that, according to ElasticSearch, "Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS which is fixed by a simple JVM property change. The information leak does not permit access to data within the Elasticsearch cluster."
Add
-Dlog4j2.formatMsgNoLookups=trueto elasticsearch docker container environment variables in docker-compose.yml files per the Elastic Search recommendations above.The text was updated successfully, but these errors were encountered: