13 Dec
2021
13 Dec
'21
3:04 p.m.
Dear Colleagues, We have deployed Whois release 1.102.1 to production to fix the Log4Shell vulnerability: https://www.lunasec.io/docs/blog/log4j-zero-day/ The only change from Whois release 1.102 is to update the log4j dependency from 2.14.1 to 2.15.0. We previously put a workaround in place last Friday morning to mitigate this vulnerability, we don't believe it has been exploited. Regards Ed Shryane RIPE NCC