Message Boards
Apache Log4j2 vulnerability for Liferay 7.2.1 CE and Elastic search
Karthik Nainupatruni, modified 2 Years ago.
Apache Log4j2 vulnerability for Liferay 7.2.1 CE and Elastic search
Junior Member Posts: 28 Join Date: 5/5/15 Recent PostsHi All,
We have been using the Liferay CE 7.2.1 GA2 and Elastic
search 6.4.3 in our project.
With persisting latest effect of log4J Shell Vulnerability issue , we have been added -Dlog4j2.formatMsgNoLookups=true in JVM options however Apache log4j project saying is not 100% safe by adding this configuration.
Here are my 2 questions to the Liferay community ,Kindly answer or throw some insight on this.
1) How to mitigate Log4j Shell vulnerability issue for LR and Elatci search?
2) how to apply log4J 2.17.0 version in Liferay and elastic search?