Log4j exploit Update - JDK update only DOES NOT provide protection

Dear all,

It has come to the attention of our security team that updating the JDK version does not provide protection against the recent Log4j exploit. The only way to secure an affected version is to apply the JAVA_OPTS mitigation or update to one of the new patches here: Urgent Log4j server security vulnerability - REQUIRES IMMEDIATE ATTENTION!

Kind regards,
Phil

Please feel free to subscribe to the dhis2-security tag on the CoP (see New ‘dhis2-security’ tag for all important security alerts! ) if you wish to receive notifications for related posts.