From 0718a6200727cf6ddc56721c9481754d900cf9d9 Mon Sep 17 00:00:00 2001
From: Pascal Sthamer <sthamer.pascal@gmail.com>
Date: Fri, 10 Dec 2021 14:52:19 +0100
Subject: [PATCH] security: patch log4j remote code execution vulnerability
 (#1178)

---
 scripts/start-finalExec | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/start-finalExec b/scripts/start-finalExec
index 519883e9..be258049 100755
--- a/scripts/start-finalExec
+++ b/scripts/start-finalExec
@@ -85,6 +85,9 @@ if [ -n "$JVM_DD_OPTS" ]; then
       done
 fi
 
+# Patch Log4j remote code execution vulnerability
+JVM_OPTS="-Dlog4j2.formatMsgNoLookups=true ${JVM_OPTS}"
+
 if isTrue ${ENABLE_JMX}; then
   : ${JMX_PORT:=7091}
   JVM_OPTS="${JVM_OPTS}