Upgrade opendistro/opensearch for log4j vulnerability

Question

Upgrade opendistro/opensearch for log4j vulnerability

vmenger opened this issue 3 years ago · 1 comments

You're probably well aware, but you it's recommended to upgrade to OpenDistro >= 1.13.3 or OpenSearch >=1.2.1 asap to mitigate the log4j vulnerability (see: the internet).

https://opendistro.github.io/for-elasticsearch/blog/2021/12/update-to-1-13-3/
https://opensearch.org/blog/releases/2021/12/update-to-1-2-1/

Answer 1 · 2021-12-14T15:29:21.000Z

Yep. Updated on the master/dev branches.