Please see https://github.com/macports/macports-ports/pull/13331
> On Dec 12, 2021, at 7:36 AM, Nils Breunese <n...@breun.nl> wrote: > > 2. elasticsearch 7.15.2_0 includes log4j-core-2.11.1.jar, which is a > vulnerable version of Log4J 2.x > > https://github.com/elastic/elasticsearch/issues/81618 > <https://github.com/elastic/elasticsearch/issues/81618> says: "This can be > mitigated for the time being by adding -Dlog4j2.formatMsgNoLookups=true to > ES_JAVA_OPTS". I think I’d add -Dlog4j2.formatMsgNoLookups=true in > /opt/local/etc/elasticsearch/jvm.options, or add ES_JAVA_OPTS="$ES_JAVA_OPTS > -Dlog4j2.formatMsgNoLookups=true" at the end of > /opt/local/bin/elasticsearch-env.
smime.p7s
Description: S/MIME cryptographic signature
