mitigate Log4J v2 CVE-2021-44228 by using LOG4J_FORMAT_MSG_NO_LOOKUPS env variable

Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2021-12-11 23:53:56 +01:00 · 2021-12-11 23:53:56 +01:00 · 33d0b93b00
commit 33d0b93b00
parent 1ffb3f1c9b
1 changed files with 2 additions and 0 deletions
--- a/elasticsearch-logstash-kibana/docker-compose.yml
+++ b/elasticsearch-logstash-kibana/docker-compose.yml
@ -5,6 +5,7 @@ services:
    environment:
      discovery.type: single-node
      ES_JAVA_OPTS: "-Xms512m -Xmx512m"
+      LOG4J_FORMAT_MSG_NO_LOOKUPS: true
    ports:
      - "9200:9200"
      - "9300:9300"
@ -21,6 +22,7 @@ services:
    environment:
      discovery.seed_hosts: logstash
      LS_JAVA_OPTS: "-Xms512m -Xmx512m"
+      LOG4J_FORMAT_MSG_NO_LOOKUPS: true
    volumes:
      - ./logstash/pipeline/logstash-nginx.config:/usr/share/logstash/pipeline/logstash-nginx.config
      - ./logstash/nginx.log:/home/nginx.log