[Security] Add log4j vulnerability mitigation in Elasticsearch
Change-Id: I2d4a4fab35771723be82a1c8b98dbe4cc3164f58
This commit is contained in:
parent
db789efce0
commit
ecbd96bebb
@ -38,7 +38,7 @@ elasticsearch_enable_keystone_registration: False
|
||||
|
||||
elasticsearch_cluster_name: "kolla_logging"
|
||||
es_heap_size: "1g"
|
||||
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%}"
|
||||
es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%} -Dlog4j2.formatMsgNoLookups=true"
|
||||
|
||||
#######################
|
||||
# Elasticsearch Curator
|
||||
|
5
releasenotes/notes/security-log4j-1be047799f8e590a.yaml
Normal file
5
releasenotes/notes/security-log4j-1be047799f8e590a.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
security:
|
||||
- |
|
||||
Adds mitigation for the Apache Log4j2 Remote Code Execution (RCE)
|
||||
Vulnerability in Elasticsearch - CVE-2021-44228.
|
Loading…
Reference in New Issue
Block a user