[
https://issues.apache.org/jira/browse/RANGER-4939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885062#comment-17885062
]
FerArribas commented on RANGER-4939:
------------------------------------
*Error encountered* -> ElasticSearchAccessAuditsServiceTest -> ERROR
org.apache.ranger.audit.provider.BaseAuditHandler -- Error sending message to
ElasticSearch java.lang.RuntimeException: Cannot execute request; I/O reactor
status: STOPPED</resthighlevelclient>.
*Details:*
Error in using a try-with-resources block in ElasticSearchAuditDestination
because it closes the ElasticSearch client prematurely. In a try-with-resources
block, any resource that implements the AutoCloseable interface will
automatically close at the end of the block, which may cause the ElasticSearch
client to close before its use is complete. To avoid this problem, we remove
the try-with-resources usage for the ElasticSearch client because it already
explicitly closes the client when it is no longer needed, specifically in
RestHighLevelClient which implements Closeable's close method.
> Upgrade Elasticsearch version to 7.17.22
> ----------------------------------------
>
> Key: RANGER-4939
> URL: https://issues.apache.org/jira/browse/RANGER-4939
> Project: Ranger
> Issue Type: Improvement
> Components: audit
> Affects Versions: 2.5.0
> Reporter: FerArribas
> Assignee: FerArribas
> Priority: Major
> Labels: security
> Fix For: 3.0.0, 2.5.0, 2.6.0
>
> Original Estimate: 336h
> Remaining Estimate: 336h
>
> Elasticsearch version 7.10.2 is affected by a high vulnerability
> CVE-2023-31418. You must upgrade to version 7.17.22 to fix this
> vulnerability.
> For the moment, it is not easy to upgrade to a more current version than
> 7.17.22 since the Elastic API is not backwards compatible and changes the
> implementation a lot.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
