From dfa85ea7948c7adaee1a974575e73489d9c4ab7d Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Wed, 22 Dec 2021 12:15:15 -0500 Subject: [PATCH 1/5] Add OpenSearch 1.2.3 Release Notes Files Signed-off-by: Peter Zhu --- .../opensearch-release-notes-1.2.3.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 release-notes/opensearch-release-notes-1.2.3.md diff --git a/release-notes/opensearch-release-notes-1.2.3.md b/release-notes/opensearch-release-notes-1.2.3.md new file mode 100644 index 0000000000..5f4ed12c35 --- /dev/null +++ b/release-notes/opensearch-release-notes-1.2.3.md @@ -0,0 +1,23 @@ +# OpenSearch 1.2.3 Release Notes + +## Release Highlights + +This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.17.0 as recommended by the advisory in [CVE-2021-45105](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105). + +### OpenSearch + +* Increment version to 1.2.3 and backport log4j upgrade to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) + +### OpenSearch Security + +* Bump log4j-core from 2.16.0 to 2.17.0 ([#1535](https://github.com/opensearch-project/security/pull/1535)) + +### OpenSearch SQL + +* Bump log4j from 2.16.0 to 2.17.0 ([#345](https://github.com/opensearch-project/sql/pull/345)) + + +### OpenSearch Performance Analyzer + +* Upgrade log4j version from 2.16.0 to 2.17.0 ([#109](https://github.com/opensearch-project/performance-analyzer/pull/109)) +* Upgrade log4j version from 2.16.0 to 2.17.0 ([#105](https://github.com/opensearch-project/performance-analyzer-rca/pull/105)) From 5f1332d1cb2b23209ab38ec0d97c6f780a596141 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Wed, 22 Dec 2021 12:38:17 -0500 Subject: [PATCH 2/5] Add OpenSearch 1.2.3 Release Notes Files Signed-off-by: Peter Zhu --- release-notes/opensearch-release-notes-1.2.3.md | 1 + 1 file changed, 1 insertion(+) diff --git a/release-notes/opensearch-release-notes-1.2.3.md b/release-notes/opensearch-release-notes-1.2.3.md index 5f4ed12c35..cc390acec3 100644 --- a/release-notes/opensearch-release-notes-1.2.3.md +++ b/release-notes/opensearch-release-notes-1.2.3.md @@ -6,6 +6,7 @@ This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.1 ### OpenSearch +* Fix for regression issue in Azure plugin ([#1734](https://github.com/opensearch-project/OpenSearch/issues/1734)) * Increment version to 1.2.3 and backport log4j upgrade to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) ### OpenSearch Security From c0e26272a5b7db8846b596a1452102156caf877d Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Wed, 22 Dec 2021 12:44:33 -0500 Subject: [PATCH 3/5] Add OpenSearch 1.2.3 Release Notes Files Signed-off-by: Peter Zhu --- release-notes/opensearch-release-notes-1.2.3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes/opensearch-release-notes-1.2.3.md b/release-notes/opensearch-release-notes-1.2.3.md index cc390acec3..61781302b8 100644 --- a/release-notes/opensearch-release-notes-1.2.3.md +++ b/release-notes/opensearch-release-notes-1.2.3.md @@ -6,7 +6,7 @@ This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.1 ### OpenSearch -* Fix for regression issue in Azure plugin ([#1734](https://github.com/opensearch-project/OpenSearch/issues/1734)) +* Fix repository-azure plugin hanging, regression introduced in 1.2.0 ([#1734](https://github.com/opensearch-project/OpenSearch/issues/1734)) * Increment version to 1.2.3 and backport log4j upgrade to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) ### OpenSearch Security From 97ff93f600bdb8ea3a8568e1584cb51e3caf6d35 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Wed, 22 Dec 2021 12:46:34 -0500 Subject: [PATCH 4/5] Add OpenSearch 1.2.3 Release Notes Files Signed-off-by: Peter Zhu --- release-notes/opensearch-release-notes-1.2.3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes/opensearch-release-notes-1.2.3.md b/release-notes/opensearch-release-notes-1.2.3.md index 61781302b8..2b0735cb9a 100644 --- a/release-notes/opensearch-release-notes-1.2.3.md +++ b/release-notes/opensearch-release-notes-1.2.3.md @@ -7,7 +7,7 @@ This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.1 ### OpenSearch * Fix repository-azure plugin hanging, regression introduced in 1.2.0 ([#1734](https://github.com/opensearch-project/OpenSearch/issues/1734)) -* Increment version to 1.2.3 and backport log4j upgrade to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) +* Increment version to 1.2.3 and upgrade upgrade log4j to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) ### OpenSearch Security From c17cc383dccfa04b49ce38023ab40ef7e8f07e03 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Wed, 22 Dec 2021 12:47:09 -0500 Subject: [PATCH 5/5] Add OpenSearch 1.2.3 Release Notes Files Signed-off-by: Peter Zhu --- release-notes/opensearch-release-notes-1.2.3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes/opensearch-release-notes-1.2.3.md b/release-notes/opensearch-release-notes-1.2.3.md index 2b0735cb9a..7d6fea9461 100644 --- a/release-notes/opensearch-release-notes-1.2.3.md +++ b/release-notes/opensearch-release-notes-1.2.3.md @@ -7,7 +7,7 @@ This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.1 ### OpenSearch * Fix repository-azure plugin hanging, regression introduced in 1.2.0 ([#1734](https://github.com/opensearch-project/OpenSearch/issues/1734)) -* Increment version to 1.2.3 and upgrade upgrade log4j to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) +* Increment version to 1.2.3 and upgrade log4j to 2.17.0 ([#1771](https://github.com/opensearch-project/OpenSearch/pull/1771)) ### OpenSearch Security