search

openshift / origin-aggregated-logging

139 stars 231 forks source link

LOG-2102: Update ES to include log4j v2.17.1 to fix CVE-2021-44832 #2230

Closed jcantrill closed 2 years ago

jcantrill commented 2 years ago

Description

This PR:

Links

openshift-ci[bot] commented 2 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jcantrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/origin-aggregated-logging/blob/master/OWNERS)~~ [jcantrill] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
jcantrill commented 2 years ago

/retest

jcantrill commented 2 years ago

/retest

jcantrill commented 2 years ago

/retest

jcantrill commented 2 years ago

/retest

vparfonov commented 2 years ago

/lgtm

jcantrill commented 2 years ago

/retest

openshift-ci[bot] commented 2 years ago

@jcantrill: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
jcantrill commented 2 years ago

/cherrypick release-5.0

openshift-cherrypick-robot commented 2 years ago

@jcantrill: #2230 failed to apply on top of branch "release-5.0":

Applying: LOG-2102: Update ES to include log4j v2.17.1 to fix CVE-2021-44832
Using index info to reconstruct a base tree...
A   elasticsearch/Dockerfile.in
M   elasticsearch/fetch-artifacts-koji.yaml
Falling back to patching base and 3-way merge...
Auto-merging elasticsearch/fetch-artifacts-koji.yaml
CONFLICT (modify/delete): elasticsearch/Dockerfile.in deleted in HEAD and modified in LOG-2102: Update ES to include log4j v2.17.1 to fix CVE-2021-44832. Version LOG-2102: Update ES to include log4j v2.17.1 to fix CVE-2021-44832 of elasticsearch/Dockerfile.in left in tree.
CONFLICT (content): Merge conflict in elasticsearch/Dockerfile
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 LOG-2102: Update ES to include log4j v2.17.1 to fix CVE-2021-44832
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2230#issuecomment-1013141715): >/cherrypick release-5.0 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.