Question

Solved722 views17th July 2023

2

Chris Glover [DevOps Advocate]947 20th December 2021 0 Comments

Hi,

To mitigate log4j vulnerabilities, should we follow the instructions detailed here https://www.elastic.co/guide/en/elasticsearch/reference/6.8/rolling-upgrades.html or is the process a bit more involved for DM?

Thanks

Marieke Goethals [SLC] [DevOps Enabler] Selected answer as best 17th July 2023

2 Answers

2

Gellynck Jens [SLC]2.71K Posted 20th December 2021 2 Comments

Hi Chris,

We are currently validating the procedure to update Elastic, I will get back to you when it's complete. We expect to have it in the coming days.

Marieke Goethals [SLC] [DevOps Enabler] Selected answer as best 17th July 2023

Chris Glover [DevOps Advocate] commented 20th December 2021

Great, thanks!

Thomas Deweer [SLC] commented 21st December 2021

Hello Chris, guide available at: https://community.dataminer.services/documentation/upgrading-elasticsearch-from-one-minor-version-to-another/
This is for windows 🙂 It’s more elaborate than the guide you linked. However, for linux, we can only endorse the guide you linked

Hello Chris, guide available at: https://community.dataminer.services/documentation/upgrading-elasticsearch-from-one-minor-version-to-another/
This is for windows 🙂 It’s more elaborate than the guide you linked. However, for linux, we can only endorse the guide you linked

score 2 · Answer 1 · 2021-12-20T15:41:58+00:00

2

Pedro Almeida [SLC]286 Posted 20th December 2021 1 Comment

Hello Chris,

Please check the following link: https://community.dataminer.services/responding-to-log4shell-vulnerability/.

We are working on a guide to help you with the update of Elastic.

Chris Glover [DevOps Advocate] Posted new comment 20th December 2021

Chris Glover [DevOps Advocate] commented 20th December 2021

I had, hence my question!
We’re getting pressure from our IT security teams to resolve this.

log4j – upgrading to Elastic 6.8.22

2 Answers