Skip to content

Commit c043c6f

Browse files
WadeBarnesWadeBarnes
committed
Apply mitigation for CVE-2021-44228
Mitigation documented here; https://logging.apache.org/log4j/2.x/security.html Signed-off-by: Wade Barnes <wade@neoterictech.ca>
1 parent 0577fcf commit c043c6f

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

Dockerfile

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,18 @@ LABEL maintainer="emiliano.sune@gmail.com"
55
USER root
66
ENV STI_SCRIPTS_PATH=/usr/libexec/s2i
77

8+
# ===============================================================================================
9+
# Mitigation for CVE-2021-44228
10+
#
11+
# Upgrade to solr 8.11.1 or greater when availble.
12+
#
13+
# References:
14+
# - https://logging.apache.org/log4j/2.x/security.html
15+
# - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
16+
# -----------------------------------------------------------------------------------------------
17+
ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true
18+
# ===============================================================================================
19+
820
LABEL io.k8s.description="Run SOLR search in OpenShift" \
921
io.k8s.display-name="SOLR 8.8.1" \
1022
io.openshift.expose-services="8983:http" \

0 commit comments

Comments
 (0)