From 1426fed07453672a80dae47416fbf256d58b95f2 Mon Sep 17 00:00:00 2001 From: Dan Timoney Date: Tue, 14 Dec 2021 08:30:10 -0500 Subject: [SDNC] Mediate log4shell vulnerability Add Java system property setting to remediate day zero vulnerability, pending more permanent fix (upgrade CCSDK/SDNC to log4j v2.15.0, and upgrade to a version of OpenDaylight that has upgraded as well). Issue-ID: CCSDK-3556 Signed-off-by: Dan Timoney Change-Id: Id2a9e2743490daa23f3fa51f10a43beb91290e0b --- kubernetes/sdnc/templates/statefulset.yaml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'kubernetes/sdnc/templates') diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index f53c41c0f5..d252c9a3fb 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -285,6 +285,8 @@ spec: value: "{{ .Values.config.javaHome}}" - name: JAVA_OPTS value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" + - name: LOG4J_FORMAT_MSG_NO_LOOKUPS + value: "true" - name: KARAF_CONSOLE_LOG_LEVEL value: "{{ include "common.log.level" . }}" - name: SDNRWT -- cgit 1.2.3-korg