diff --git a/HOTFIX b/HOTFIX index 8152b3425..1688be8df 100644 --- a/HOTFIX +++ b/HOTFIX @@ -1 +1 @@ -WAZUH AIRGAPFIX 20211206 20211210 +WAZUH AIRGAPFIX 20211206 20211210 20211213 diff --git a/README.md b/README.md index 1e13a35ed..d67e8b20b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -## Security Onion 2.3.90-20211210 +## Security Onion 2.3.90-20211213 -Security Onion 2.3.90-20211210 is here! +Security Onion 2.3.90-20211213 is here! ## Screenshots diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 524d468d3..cbc3f85ea 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1,18 +1,18 @@ -### 2.3.90-20211210 ISO image built on 2021/12/10 +### 2.3.90-20211213 ISO image built on 2021/12/13 ### Download and Verify -2.3.90-20211210 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211210.iso +2.3.90-20211213 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211213.iso -MD5: 512C13089060EE17BC3FA275D62152DC -SHA1: A70D3A3C4B74AD2EE9B1353BDE7E5DD327248511 -SHA256: 271DA7617FBA3549B1E496C60E9AD743B13CC8D0468DF3F7AC9A76B6D496D212 +MD5: D7E90433B416627347DD54B7C3C07F18 +SHA1: 11E212B2237162749F5E3BD959C84D6C4720D213 +SHA256: 01DD0AF3CF5BBFD4AF7463F8897935A885E3D9CC8B9B3B5E9A01E0A2EF37ED95 Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211210.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211213.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS 
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211210.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-20211213.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211210.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-20211213.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.3.90-20211210.iso.sig securityonion-2.3.90-20211210.iso +gpg --verify securityonion-2.3.90-20211213.iso.sig securityonion-2.3.90-20211213.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Fri 10 Dec 2021 02:52:08 PM EST using RSA key ID FE507013 +gpg: Signature made Mon 13 Dec 2021 11:46:27 AM EST using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index b5d61a6a5..f3cd8f0ca 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls @@ -131,6 +131,13 @@ esrolesdir: - group: 939 - makedirs: True +eslibdir: + file.directory: + - name: /opt/so/conf/elasticsearch/lib + - user: 930 + - group: 939 + - makedirs: True + esingestdynamicconf: file.recurse: - name: /opt/so/conf/elasticsearch/ingest 
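Review bot: `eslibdir` gives the directory that holds a jar loaded by the Elasticsearch JVM to uid 930 (presumably the uid the service runs as) and sets no `mode`. That account can therefore replace the jar on the host even though the container bind is `:ro`. Unlike the config directories around it, nothing here has to be writable by the service. `- user: root`, `- group: root` and `- mode: 755` on the directory, plus root ownership with the existing `- mode: 644` on `eslibsync`, would still let uid 930 read the jar. The same applies to `lslibdir` and `lslibsync` in salt/logstash/init.sls with uid 931.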
@@ -179,6 +186,14 @@ es_template_{{TEMPLATE.split('.')[0] | replace("/","_") }}: - group: 939 {% endfor %} +eslibsync: + file.managed: + - name: /opt/so/conf/elasticsearch/lib/log4j-core-2.11.1-patched.jar + - source: salt://elasticsearch/lib/log4j-core-2.11.1-patched.jar + - user: 930 + - group: 939 + - mode: 644 + esroles: file.recurse: - source: salt://elasticsearch/roles/ @@ -267,6 +282,7 @@ so-elasticsearch: - 0.0.0.0:9200:9200 - 0.0.0.0:9300:9300 - binds: + - /opt/so/conf/elasticsearch/lib/log4j-core-2.11.1-patched.jar:/usr/share/elasticsearch/lib/log4j-core-2.11.1.jar:ro - /opt/so/conf/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro - /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro - /nsm/elasticsearch:/usr/share/elasticsearch/data:rw diff --git a/salt/elasticsearch/lib/log4j-core-2.11.1-patched.jar b/salt/elasticsearch/lib/log4j-core-2.11.1-patched.jar new file mode 100644 index 000000000..4b0c51263 Binary files /dev/null and b/salt/elasticsearch/lib/log4j-core-2.11.1-patched.jar differ diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls index 069b2f7bd..329a5f4ee 100644 --- a/salt/logstash/init.sls +++ b/salt/logstash/init.sls @@ -61,6 +61,13 @@ logstash: - gid: 931 - home: /opt/so/conf/logstash +lslibdir: + file.directory: + - name: /opt/so/conf/logstash/lib + - user: 931 + - group: 939 + - makedirs: True + lsetcdir: file.directory: - name: /opt/so/conf/logstash/etc @@ -123,6 +130,14 @@ lsetcsync: - clean: True - exclude_pat: pipelines* +lslibsync: + file.managed: + - name: /opt/so/conf/logstash/lib/log4j-core-2.14.0-patched.jar + - source: salt://logstash/lib/log4j-core-2.14.0-patched.jar + - user: 931 + - group: 939 + - mode: 644 + # Create the import directory importdir: file.directory: 
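Review bot: `eslibsync` deploys `log4j-core-2.11.1-patched.jar`, which enters the repository as an opaque binary, and neither the state nor the commit records what was changed in it or what it should hash to. An operator on an airgapped grid has no way to tell this jar from any other file with the same name. Add a comment above the state such as `# upstream log4j-core 2.11.1 with <CHANGE_MADE>; sha256 <SHA256_OF_PATCHED_JAR>` and keep the rebuild steps next to the jar. `lslibsync` in salt/logstash/init.sls has the same gap for `log4j-core-2.14.0-patched.jar`.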
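Review bot: The added bind overlays one exact path, `/usr/share/elasticsearch/lib/log4j-core-2.11.1.jar`, so the mitigation only holds while the image ships log4j-core under that file name. After an image update that bundles a different log4j-core version, the image's own jar would stay on the classpath and this 2.11.1 build would sit beside it as a second copy. A comment on the bind line, e.g. `# must track the log4j-core version in the so-elasticsearch image; remove once the image ships a fixed jar`, would make that coupling visible. The `so-elasticsearch` state continues outside the hunk, so it is not visible whether it has a `require` or `watch` on `file: eslibsync`; without one the container is not guaranteed to restart when the jar changes.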
@@ -162,6 +177,7 @@ so-logstash: - {{ BINDING }} {% endfor %} - binds: + - /opt/so/conf/logstash/lib/log4j-core-2.14.0-patched.jar:/usr/share/logstash/logstash-core/lib/jars/log4j-core-2.14.0.jar:ro - /opt/so/conf/elasticsearch/templates/:/templates/:ro - /opt/so/conf/logstash/etc/:/usr/share/logstash/config/:ro - /opt/so/conf/logstash/pipelines:/usr/share/logstash/pipelines:ro diff --git a/salt/logstash/lib/log4j-core-2.14.0-patched.jar b/salt/logstash/lib/log4j-core-2.14.0-patched.jar new file mode 100644 index 000000000..1fcd1bbf5 Binary files /dev/null and b/salt/logstash/lib/log4j-core-2.14.0-patched.jar differ diff --git a/sigs/securityonion-2.3.90-20211213.iso.sig b/sigs/securityonion-2.3.90-20211213.iso.sig new file mode 100644 index 000000000..cbf5489f2 Binary files /dev/null and b/sigs/securityonion-2.3.90-20211213.iso.sig differ
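Review bot: This bind replaces only `/usr/share/logstash/logstash-core/lib/jars/log4j-core-2.14.0.jar`, so any other copy of log4j-core inside the so-logstash image (for example one bundled with a plugin) is left as shipped. The diff does not show that the image was checked for such copies. Consider recording the check in a comment here, `# only log4j-core copy in the image as of <IMAGE_TAG>`, or adding a step that lists `log4j-core*.jar` in the running container after highstate. The target path is also pinned to version 2.14.0, so it stops covering the image's jar if the image moves to another log4j-core version.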