This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] Whois Release 1.102.1

• Previous message (by thread): [db-wg] Whois Release 1.102
• Next message (by thread): [db-wg] Whois Release 1.102.2

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward Shryane eshryane at ripe.net
Mon Dec 13 15:04:55 CET 2021

Dear Colleagues,

We have deployed Whois release 1.102.1 to production to fix the Log4Shell vulnerability: https://www.lunasec.io/docs/blog/log4j-zero-day/

The only change from Whois release 1.102 is to update the log4j dependency from 2.14.1 to 2.15.0.

We previously put a workaround in place last Friday morning to mitigate this vulnerability, we don't believe it has been exploited.

Regards
Ed Shryane
RIPE NCC

• Previous message (by thread): [db-wg] Whois Release 1.102
• Next message (by thread): [db-wg] Whois Release 1.102.2

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]