2021-12-22: OpenSearch 1.2.3 is now available
As previously tracked in Log4j Patch for CVE-2021-45046 & Log4j Patch for CVE-2021-44228 -
CVE-2021-45105 was issued shortly following the release of OpenSearch 1.2.2. This new CVE advises upgrading from Log4j 2.16.0 (used in OpenSearch 1.2.2) to Log4j 2.17.0.
All users should upgrade their OpenSearch clusters to this new version OpenSearch 1.2.3