bartjkdp
commented
2 years ago I agree we should update the Elasticsearch 7.x. Updating the Elasticsearch package probably is not too much work.
Open martijncalker opened 3 years ago
bartjkdp
commented
2 years ago I agree we should update the Elasticsearch 7.x. Updating the Elasticsearch package probably is not too much work.
vanbuiten
commented
2 years ago Keep in mind that in Amsterdam we currently only have an Elastic cluster running version 6 at our disposal. So if this package needs to be updated in the python code we need to check if we can also update the elastic cluster in Amsterdam. This is something we currently do not have under our own control.
martijncalker
commented
2 years ago Maybe it's time to upgrade the Elasticseach version, since Elasticsearch ships with Log4j > 2.9.0 since version 6 :)
vanbuiten
commented
2 years ago @martijncalker for your information I found this update on the issue on the elastic discuss https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 We are looking into this.
bartjkdp
commented
2 years ago Elasticsearch 6.8.21 released with a fix: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.21.html
Hi there,
Currently the Helm Chart depends on Elasticsearch ~6.8.0. The 6.8 version of Elasticsearch has been EOL since 2020-11-20.
The application depends on the Python Elasticsearch package, which is only compatible with Elasticsearch 6.x.
Are there any plans on upgrading Elasticsearch to a supported version?