Hello AtoM community,
In case you haven't yet heard, there was a security vulnerability recently announced in Apache Log4j that has been causing a lot of global conversation.
Because Elasticsearch uses Log4j for logging, and AtoM uses Elasticsearch as its search index, this issue does impact AtoM users.
We have put together an FAQ with links and further information, including our recommendations for patching this issue locally. Please see:
Please note that this is not the only way to patch the issue - it's simply the easiest and least disruptive method our team has found and tested for production installations.
We will be continuing to monitor this situation, and should we discover any new information that supplements or contradicts our FAQ, I will post an update here when our wiki FAQ guide has been updated.