I am running a 3 node, 7.6.2 cluster and came across the following critical alert during my latest Nessus scan on each:
The following Java JRE installation is unsupported : Path : /usr/share/elasticsearch/jdk/ Installed version : 1.13.0_2 Latest versions : 1.8.x / 1.11.x Support dates : 2020-03-01 (end of Premier Support)
To be honest, I had no idea that a jdk was bundled with Elasticsearch and thought it used the system default, but here we are. Anyone else come across this and if so, how did you overcome it?
Is an updated version of java included with 7.7? Everything else is working fine and don't want to start messing around with reconfiguring it to use the system java instead if I don't have to.
# pwd /usr/share/elasticsearch/jdk/bin # ./java --version openjdk 13.0.2 2020-01-14 OpenJDK Runtime Environment AdoptOpenJDK (build 13.0.2+8) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 13.0.2+8, mixed mode, sharing)
For reference, my system jdk is 126.96.36.199.
# rpm -qa | grep openjdk-1 java-1.8.0-openjdk-188.8.131.52.b09-2.el7_8.x86_64 # java -version openjdk version "1.8.0_252" OpenJDK Runtime Environment (build 1.8.0_252-b09) OpenJDK 64-Bit Server VM (build 25.252-b09, mixed mode)