This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Integrate all patches or the most important ones when releasing security patch for Log4j #795

Open
rhadw opened this issue Dec 14, 2021 · 3 comments
Labels
question Further information is requested

Comments


rhadw commented Dec 14, 2021

Query
Integrate all patches/fixes which are production ready.

Expected Behavior
I would like to integrate all minor changes or at least the most annoying of them in the security patch for log4j.
This is an important fix which should have been present in the latest release but isn't: opendistro-for-elasticsearch/index-management#448 - it's regarding applying only the first 10 policies because of a search issue.
An example would be this #763 regarding continuous tenant selection message

Current Behavior
No fixes/patches since v1.13...

Failure Information (for bugs)
This is an important fix which should have been present in the latest release but isn't: opendistro-for-elasticsearch/index-management#448 - it's regarding applying only the first 10 policies because of a search issue.

@rhadw rhadw added the question Further information is requested label Dec 14, 2021
@stockholmux
Collaborator

@rhadw 1.13.3 was an emergency fix for log4j - that was the only priority. Any additional fixes would have to go into an additional release.

@FirstWhack

Cannot answer until we get the source for 1.13.3.

Was this image deployed from the 1.13.3-test branch???


madhavs commented Jan 19, 2022

We see performance-analyzer still has a reference to log4j-core-2.13.0.jar - can we get a build updating all the log4j jar files to a version without the vuln?
