Apache has once again updated Log4j, this time to version 2.17. The newest version of the logging library fixes a high-severity denial-of-service issue. The vulnerability affects all versions of Log4j from 2.0-beta9 through 2.16.0. Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) directed federal agencies to patch systems or apply mitigations by Friday, December 24. More https://www.govinfosecurity.com/time-to-patch-log4j-again-apache-releases-217-fixing-dos-a-18153
