
Add fix for log4shell vulnerability

Open rutger1140 opened this issue 3 years ago • 7 comments

Add formatMsgNoLookups boolean to jvm.options configuration to prevent log4j attack vectors. As per this article.

rutger1140 avatar Dec 21 '21 13:12 rutger1140
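As an added illustration of the change this PR proposes (example playbook written for this page, not the role's own code and not the PR diff): a task that pins `-Dlog4j2.formatMsgNoLookups=true` in `jvm.options`, restarts the service, and then checks that the running JVM actually picked the flag up, since an edited file with no restart is the usual reason a scanner still flags the host. The file path and service name are assumptions based on the standard package layout. Two caveats worth keeping in mind: the flag only works on Log4j 2.10 through 2.14.x and does not cover CVE-2021-45046 in every configuration, so an Elasticsearch release shipping a patched Log4j is the durable fix; and Elastic stated at the time that the Java Security Manager blocked the remote code execution path in Elasticsearch itself, which is why this is a belt-and-braces setting rather than the whole story.

```yaml
# Added example, not part of ansible-role-elasticsearch or of this PR.
# Assumptions: Debian/RHEL package layout (/etc/elasticsearch/jvm.options)
# and a systemd unit named "elasticsearch".
- name: Mitigate Log4Shell lookups in the Elasticsearch JVM
  hosts: elasticsearch
  become: true
  vars:
    es_jvm_options_path: /etc/elasticsearch/jvm.options   # assumed default path
    es_service_name: elasticsearch                        # assumed service name
  tasks:
    - name: Disable Log4j message lookups (JNDI/LDAP resolution) in jvm.options
      ansible.builtin.lineinfile:
        path: "{{ es_jvm_options_path }}"
        # Replace any existing setting rather than appending a second copy
        regexp: '^-Dlog4j2\.formatMsgNoLookups='
        line: '-Dlog4j2.formatMsgNoLookups=true'
        create: false          # fail loudly if Elasticsearch is not installed here
      notify: restart elasticsearch

    - name: Restart now so the verification below sees the new JVM, not the old one
      ansible.builtin.meta: flush_handlers

    - name: Read the command line of the running Elasticsearch JVM
      # jvm.options entries are passed as JVM arguments, so they show up here
      ansible.builtin.command: pgrep -a -f org.elasticsearch.bootstrap.Elasticsearch
      register: es_process
      changed_when: false

    - name: Fail if the live process was not started with the flag
      ansible.builtin.assert:
        that:
          - "'-Dlog4j2.formatMsgNoLookups=true' in es_process.stdout"
        fail_msg: >-
          Elasticsearch is running without -Dlog4j2.formatMsgNoLookups=true;
          check {{ es_jvm_options_path }} and whether the service restarted.

  handlers:
    - name: restart elasticsearch
      ansible.builtin.service:
        name: "{{ es_service_name }}"
        state: restarted
```

The verification step is the part worth copying even if you add the line some other way: it asserts on the process that is actually serving traffic, not on the contents of a file.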

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark pull requests as stale.

stale[bot] avatar Jun 18 '22 20:06 stale[bot]

Opened 6 months ago. Approved 3 months ago and still going stale 🤷‍♂️

rutger1140 avatar Jun 18 '22 21:06 rutger1140

This issue is no longer marked for closure.

stale[bot] avatar Jun 18 '22 21:06 stale[bot]

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark pull requests as stale.

stale[bot] avatar Sep 19 '22 23:09 stale[bot]

Not stale, I mean.. 😺

esolitos avatar Sep 26 '22 08:09 esolitos

This issue is no longer marked for closure.

stale[bot] avatar Sep 26 '22 08:09 stale[bot]

> Not stale, I mean.. 😺

Not sure what you mean.

rutger1140 avatar Sep 26 '22 11:09 rutger1140

@geerlingguy I know this project is handled on a best-effort basis, but I think this definitely needs some attention

fourstepper avatar Nov 14 '22 09:11 fourstepper

> @geerlingguy I know this project is handled on a best-effort basis, but I think this definitely needs some attention

I couldn’t agree more 👍 This way people end up forking the project to keep it maintained, which is causing fragmentation. I’m happy to help.

rutger1140 avatar Nov 14 '22 12:11 rutger1140

Approved by someone who's not a maintainer ;)

I should note that I don't personally use elasticsearch anymore (moved on to other stacks), so this role is in maintenance mode. I'll merge this since it doesn't seem like it should do any harm.

Editorializing, but: not sure if ES instances would be vulnerable by default regardless... the annoying thing with L4S is you have to evaluate on a per-application and sometimes per-deployment basis whether you're actually open to the attack. I know a lot of people are forced to add these options so automated vulnerability scanners can be made to be quiet :(

geerlingguy avatar Nov 14 '22 15:11 geerlingguy