Environment:DevTest 10.3.0 on all platforms.
Answer:Yes.
Even though the elasticsearch-1.5.2.jar is still delivered with DevTest 10.3.0, code changes resolve the vulnerability at runtime.
A new jar will be replacing the outdated jar in a future release.