Change Details

https://access.redhat.com/security/cve/CVE-2021-43527 was made public on December 1 and is included in the Elasticsearch Docker images we release. Unfortunately per https://hub.docker.com/_/elasticsearch the supported images are not compatible with the extra plugins we use. Using a later images isn't an option. Running updates at build time does also not resolve the problem. It is also unclear to me how serious this issue is in terms of Elasticsearch running, maybe it's not even affected (however [NSS](https://en.wikipedia.org/wiki/Network_Security_Services) seems like it would be used) Possible solutions 1. roll a custom image based on something else. The 6.5.4 images doesn't look that [complicated](https://hub.docker.com/layers/elasticsearch/library/elasticsearch/6.5.4/images/sha256-93109ce1d590482a06ba085943082b314ac188fcfdbffb68aebb00795c72bc8a?context=explore) 2. Start looking at something other than elasticsearch, but i guess it's very unclear how much of a drop-in solution this new OpenSearch alternative is?

https://access.redhat.com/security/cve/CVE-2021-43527 was made public on December 1 and is included in the Elasticsearch Docker images we release. Unfortunately per https://hub.docker.com/_/elasticsearch the supported images are not compatible with the extra plugins we use. Using a later images isn't an option. Running updates at build time does also not resolve the problem. It is also unclear to me how serious this issue is in terms of Elasticsearch running, maybe it's not even affected (however [NSS](https://en.wikipedia.org/wiki/Network_Security_Services) seems like it would be used by many components) Possible solutions 1. roll a custom image based on something else. The 6.5.4 images doesn't look that [complicated](https://hub.docker.com/layers/elasticsearch/library/elasticsearch/6.5.4/images/sha256-93109ce1d590482a06ba085943082b314ac188fcfdbffb68aebb00795c72bc8a?context=explore) 2. Start looking at something other than elasticsearch, but i guess it's very unclear how much of a drop-in solution this new OpenSearch alternative is?

https://access.redhat.com/security/cve/CVE-2021-43527 was made public on December 1 and is included in the Elasticsearch Docker images we release. Unfortunately per https://hub.docker.com/_/elasticsearch the supported images are not compatible with the extra plugins we use. Using a later images isn't an option. Running updates at build time does also not resolve the problem. It is also unclear to me how serious this issue is in terms of Elasticsearch running, maybe it's not even affected (however [NSS](https://en.wikipedia.org/wiki/Network_Security_Services) seems like it would be used by many components) Possible solutions 1. roll a custom image based on something else. The 6.5.4 images doesn't look that [complicated](https://hub.docker.com/layers/elasticsearch/library/elasticsearch/6.5.4/images/sha256-93109ce1d590482a06ba085943082b314ac188fcfdbffb68aebb00795c72bc8a?context=explore) 2. Start looking at something other than elasticsearch, but i guess it's very unclear how much of a drop-in solution this new OpenSearch alternative is?