mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-06-28 17:34:17 -04:00
28 lines
629 B
Groovy
28 lines
629 B
Groovy
plugins {
|
|
id 'base'
|
|
id 'elasticsearch.repositories'
|
|
}
|
|
|
|
configurations {
|
|
log4j {
|
|
transitive = false
|
|
}
|
|
}
|
|
|
|
dependencies {
|
|
log4j "org.apache.logging.log4j:log4j-core:${versions.log4j}"
|
|
}
|
|
|
|
// Strip out JndiLookup class to avoid any possibility of exploitation of CVE-2021-44228
|
|
// See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
|
|
// See: https://issues.apache.org/jira/browse/LOG4J2-3201
|
|
def patchLog4j = tasks.register('patchLog4j', Zip) {
|
|
archiveExtension = 'jar'
|
|
from({ zipTree(configurations.log4j.singleFile) }) {
|
|
exclude '**/JndiLookup.class'
|
|
}
|
|
}
|
|
|
|
artifacts {
|
|
'default'(patchLog4j)
|
|
}
|