Due to the recent CVE-2020-7009 and from the ES recommendation, we are trying to upgrade from 6.8.2 to 6.8.8. However, on the Maven Repo, I see that some of the modules such as org.codelibs.elasticsearch.module:analysis-common and org.codelibs.elasticsearch.lib:plugin-classloader only have versions till 6.8.6.
Will 6.8.8 be released for these modules soon? Should we wait to upgrade till these versions are released or is there a workaround?
This is not an official elasticsearch dependency with the org.codelibs prefix. You may want to ping the respective maintainers of that.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.