1、背景:
软件:log4j-core(jar) 2.8.2 漏洞
命中:["log4j-core(jar) version less than 2.12.2","log4j-core(jar) extendField.jndi_class_not_exist equals false","log4j-core(jar) version more than equals 2.4"]
2、查找log4j文件:
路径:/data/elasticsearch/lib/log4j-core-2.8.2.jar , 需要到 安装的路径下搜索,
[root@kafka-03 lib]# ll |grep log4j
-rwxrwxrwx 1 es es 228154 Nov 21 2017 log4j-api-2.8.2.jar
-rwxrwxrwx 1 es es 1407853 Nov 21 2017 log4j-core-2.8.2.jar
3、下载 替换,及重启。
https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-api/2.16.0/ 目录下载
#mkdir -pv /opt/softwar && cd /opt/softwar
###wget https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-api/2.16.0/log4j-api-2.16.0.jar
https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-core/2.16.0/ 目录下载
wget https://repo.maven.apache.org/maven2/org/apache/logging/log4j/log4j-core/2.16.0/log4j-core-2.16.0.jar
注:如docker 安装,需要Dockerfile
FROM xxxx镜像来源
USER root
COPY log4j-core-2.16.0.jar elasticsearch路径/lib/
COPY log4j-api-2.16.0.jar elasticsearch路径/lib/
RUN rm -rf elasticsearch路径/lib/log4j-api-2.8.2.jar && rm -rf elasticsearch路径/lib/log4j-core-2.8.2.jar
运行打包
docker build . -t 仓库/xxx:vxx
