Elastic Diagnostics and Log4j2 vulnerability

Does upgrading to 8.2.6 fix all known Log4j2 issues with Elastic Diagnostics?

Should it be on the Elastic list of software affected by Log4j2 to remind users to upgrade?

https://logging.apache.org/log4j/2.x/security.html

This is not a product that we support in the same way as we would the Elastic Stack, so it's not going to be listed in the main announcement, no.

There will likely be an upgrade to it with the new library, yes.