This patch releases updates the version of Log4j used in OpenSearch to Log4j 2.15.0 as recommended by the advisory in CVE-2021-44228. Additionally, this patch release includes an update to Linux version used in the Docker distributions as recommended by CVE-2021-43527.
- Upgrade to log4j 2.15.0 (#1698)
- Bumping log4j to 2.15.0 (#1520)