Skip to content

v0.0.10
Compare
Choose a tag to compare
@Zalgo2462 Zalgo2462 released this 13 Dec 21:01
· 17 commits to master since this release
v0.0.10
5eb317e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changes:

  • Upgrade Elasticsearch to 7.16.1, patching an exploit in the log4j logger which may lead to information disclosure

For more information, please see https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

From the elastic report:

Elasticsearch is not susceptible to remote code execution with this vulnerability due to our use of the Java Security Manager. Elasticsearch on JDK8 or below is susceptible to an information leak via DNS

Assets 4
Loading