security: patch log4j remote code execution vulnerability (#1178)

2026-04-04 20:58:52 +00:00 · 2021-12-10 14:52:19 +01:00
parent 529d92fa63
commit 0718a62007
1 changed files with 3 additions and 0 deletions
--- a/scripts/start-finalExec
+++ b/scripts/start-finalExec
@@ -85,6 +85,9 @@ if [ -n "$JVM_DD_OPTS" ]; then
      done
 fi

+# Patch Log4j remote code execution vulnerability
+JVM_OPTS="-Dlog4j2.formatMsgNoLookups=true ${JVM_OPTS}"
+
 if isTrue ${ENABLE_JMX}; then
  : ${JMX_PORT:=7091}
  JVM_OPTS="${JVM_OPTS}