FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSearch -- Log4Shell

Affected packages
opensearch < 1.2.3

Details

VuXML ID d1be3d73-6737-11ec-9eea-589cfc007716
Discovery 2021-12-16
Entry 2021-12-27

OpenSearch reports:

CVE-2021-45105 for Log4j was issued after the release of OpenSearch 1.2.2. This CVE advises upgrading to Log4j 2.17.0. While there has been no observed reproduction of the issue described in CVE-2021-45105 in OpenSearch, we have released OpenSearch 1.2.3 which updates Log4j to version 2.17.0.

References

CVE Name CVE-2021-45105
URL https://opensearch.org/blog/releases/2021/12/update-1-2-3/