Log4j2漏洞修复

2022.08.01,我司某系统 elasticsearch 7.10.1 默认使用了低版本的 Log4j 2.11.1 而收到了 Log4j2疑似存在严重漏洞修复通报 邮件,下面是修复过程(建议升级到:Log4j 2.18),仅供参考。

漏洞主题:Apache Log4j2 远程代码执行漏洞
漏洞公告:https://help.aliyun.com/document_detail/368470.html
影响版本:Apache Log4j 2.x <= 2.14.1
新版下载:https://logging.apache.org/log4j/2.x/download.html
  • 确认过程:确认要替换的jar包(只用替换lib目录下的jar包)
[root@localhost]# find /data/elasticsearch_9200/lib -name log4j*.jar
/data/elasticsearch_9200/lib/log4j-api-2.11.1.jar
/data/elasticsearch_9200/lib/log4j-core-2.11.1.jar
  • 修复过程:替换新版jar包
cd /opt/
wget -c https://www.apache.org/dyn/closer.lua/logging/log4j/2.18.0/apache-log4j-2.18.0-bin.zip
unzip apache-log4j-2.18.0-bin.zip

ps -ef | grep elasticsearch | grep -v grep | awk '{print $2}' | xargs kill -9 2> /dev/null
mkdir -p /data/es_bak_20220801
mv /data/elasticsearch_9200/lib/log4j-api-2.11.1.jar /data/es_bak_20220801/log4j-api-2.11.1.jar
mv /data/elasticsearch_9200/lib/log4j-core-2.11.1.jar /data/es_bak_20220801/log4j-core-2.11.1.jar
\cp /opt/apache-log4j-2.18.0-bin/log4j-api-2.18.0.jar /data/elasticsearch_9200/lib/log4j-api-2.18.0.jar
\cp /opt/apache-log4j-2.18.0-bin/log4j-core-2.18.0.jar /data/elasticsearch_9200/lib/log4j-core-2.18.0.jar

ulimit -n 65536
chown -R esuser.esuser /data/elasticsearch_9200
sudo -u esuser /data/elasticsearch_9200/bin/elasticsearch -d
sleep 10 && netstat -lnpt | egrep "(9200|9300)"
Copyright © www.sqlfans.cn 2024 All Right Reserved更新时间: 2023-09-22 15:11:25

results matching ""

    No results matching ""