Dear Colleagues, We have deployed Whois release 1.102.3 to production to fix a vulnerability in the Spring Framework library (Spring4Shell).
The only change from the current Whois release 1.102.2 is to update the spring dependency from 5.3.13 to 5.3.18. Whois is not vulnerable to the already known exploit, but we updated in case further exploits appear. Regards Ed Shryane RIPE NCC -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg
