This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] Whois Release 1.102.3

• Previous message (by thread): [db-wg] Decision on NWI-2 Historical queries

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward Shryane eshryane at ripe.net
Thu Mar 31 17:20:02 CEST 2022

Dear Colleagues,

We have deployed Whois release 1.102.3 to production to fix a vulnerability in the Spring Framework library (Spring4Shell).

The only change from the current Whois release 1.102.2 is to update the spring dependency from 5.3.13 to 5.3.18.

Whois is not vulnerable to the already known exploit, but we updated in case further exploits appear.

Regards
Ed Shryane
RIPE NCC

• Previous message (by thread): [db-wg] Decision on NWI-2 Historical queries

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]