Dear Colleagues, We have deployed Whois release 1.102.1 to production to fix the Log4Shell vulnerability: https://www.lunasec.io/docs/blog/log4j-zero-day/
The only change from Whois release 1.102 is to update the log4j dependency from 2.14.1 to 2.15.0. We previously put a workaround in place last Friday morning to mitigate this vulnerability, we don't believe it has been exploited. Regards Ed Shryane RIPE NCC -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg
