Merge pull request #15702 from rpastrana/HPCC-27021-elastic4hpcclogs-log4jpatch7-16-3NEW

HPCC-27021 Update elastic4hpcclogs to latest log4j patched ELK

Reviewed-By: Richard Chapman <rchapman@hpccsystems.com>
Richard Chapman 3 years ago
parent
commit
625cf0a03b
2 changed files with 12 additions and 5 deletions
  1. 5 5
      helm/managed/logging/elastic/Chart.yaml
  2. 7 0
      helm/managed/logging/elastic/README.md

+ 5 - 5
helm/managed/logging/elastic/Chart.yaml

@@ -5,10 +5,10 @@ type: application
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
-version: 1.2.1
+version: 1.2.2
 
 # Elastic Stack version
-appVersion: 7.16.2
+appVersion: 7.16.3
 
 # Dependencies can be automatically updated via HELM dependancy update command:
 # > 'helm dependency update' command
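Review bot: The `appVersion: 7.16.3` bump in this hunk has to be repeated by hand in the three dependency `version:` pins in the next hunk, and nothing in the chart ties the four values together. A short comment beside `appVersion` saying it must track the filebeat, elasticsearch and kibana pins would make a partial bump easier to catch in the next security update. The context comment above the dependency commands also spells "dependancy"; worth correcting while this block is open.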
@@ -16,12 +16,12 @@ appVersion: 7.16.2
 # > helm install myelastic ./ —-dependency-update
 dependencies:
 - name: filebeat
-  version: 7.16.2
+  version: 7.16.3
   repository: https://helm.elastic.co
 - name: elasticsearch
-  version: 7.16.2
+  version: 7.16.3
   repository: https://helm.elastic.co
 - name: kibana # Optional managed logging processor front-end
-  version: 7.16.2
+  version: 7.16.3
   repository: https://helm.elastic.co
   condition: kibana.enabled
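Review bot: The unchanged comment at the top of this hunk gives the `helm install myelastic ./` command with its flag written as an em-dash followed by a hyphen, so a copy-paste fails instead of updating dependencies; it should read `--dependency-update`. The three pins do move together to 7.16.3 and match `appVersion`. The commit lists only two changed files, so if a `Chart.lock` is kept for this chart it needs regenerating with `helm dependency update` so that it does not disagree with these pins.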

+ 7 - 0
helm/managed/logging/elastic/README.md

@@ -21,6 +21,13 @@
     <tr>
       <td>
         <ul>
+          <li>elastic4hpcclogs chart version 1.2.2 references Elastic Stack 7.16.3 (Log4j 2.17.1) which "By default, Elasticsearch and Logstash have no known vulnerabilities to CVE-2021-44832."</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td>
+        <ul>
           <li>elastic4hpcclogs chart version 1.2.1 references Elastic Stack 7.16.2 (Log4j 2.17.0) which reportedly fully mitigates CVE-2021-44228 and should avoid false positives in vulnerability scanners.</li>
           <li>Learn more about Elastic's 7.16.2 release and their response to the vulnerability: https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476</li>
         </ul>
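Review bot: The new 1.2.2 entry quotes a vendor statement about CVE-2021-44832 but gives no source for it, while the 1.2.1 entry below links Elastic's announcement; add the URL of the statement being quoted so readers can check its wording and date. The quote covers "Elasticsearch and Logstash", whereas the dependencies visible in Chart.yaml are filebeat, elasticsearch and kibana, so the entry should say what applies to the components this chart actually deploys. The "By default" qualifier is also worth a short remark, since it leaves non-default configurations outside the quoted claim.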