openshift / origin-aggregated-logging


[release-4.6] Bug 2036040: Update ES to resolve CVE-2021-44832 #2232

Closed jcantrill closed 2 years ago

jcantrill commented 2 years ago

Description

This PR:

Fixes CVE-2021-44832 by bumping log4j to v2.17.1 for logging 4.6

Links

openshift-ci[bot] commented 2 years ago

@jcantrill: This pull request references Bugzilla bug 2036040, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

2 validation(s) were run on this bug
* bug target release (4.6.z) matches configured target release for branch (4.6.z)
* bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

No GitHub users were found matching the public email listed for the QA contact in Bugzilla (anli@redhat.com), skipping review request.

In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2232):

> [release-4.6] Bug 2036040: Update ES to resolve CVE-2021-44832

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

openshift-ci[bot] commented 2 years ago

@jcantrill: An error was encountered querying GitHub for users with public email (anli@redhat.com) for bug 2036040 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details.

Full error message. non-200 OK status code: 403 Forbidden body: "{\n \"documentation_url\": \"https://docs.github.com/en/free-pro-team@latest/rest/overview/resources-in-the-rest-api#secondary-rate-limits\",\n \"message\": \"You have exceeded a secondary rate limit. Please wait a few minutes before you try again.\"\n}\n"

Please contact an administrator to resolve this issue, then request a bug refresh with /bugzilla refresh.

openshift-ci[bot] commented 2 years ago

@jcantrill: all tests passed!

Full PR test history. Your PR dashboard.

syedriko commented 2 years ago

/lgtm

openshift-ci[bot] commented 2 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alanconway, jcantrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/openshift/origin-aggregated-logging/blob/release-4.6/OWNERS)~~ [alanconway,jcantrill]

Approvers can indicate their approval by writing `/approve` in a comment.
Approvers can cancel approval by writing `/approve cancel` in a comment.

anpingli commented 2 years ago

/lgtm

anpingli commented 2 years ago

/label cherry-pick-approved

openshift-ci[bot] commented 2 years ago

@jcantrill: All pull requests linked via external trackers have merged:

Bugzilla bug 2036040 has been moved to the MODIFIED state.
