Return-path: <713-XSC-918.0.790085.0.0.59707.9.179484920@bounce.cloudflare.com> Envelope-to: lojban@lojban.org Delivery-date: Fri, 10 Dec 2021 16:57:38 -0800 Received: from bounce.cloudflare.com ([192.28.154.211]:43290) by 7051bea86fdb with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <713-XSC-918.0.790085.0.0.59707.9.179484920@bounce.cloudflare.com>) id 1mvqhk-000ddd-04 for lojban@lojban.org; Fri, 10 Dec 2021 16:57:37 -0800 X-MSFBL: Kmy9Azndi3OUm+p/frL3yli1vkbEgFEMSnbbgbUJ5Fg=|eyJyIjoibG9qYmFuQGx vamJhbi5vcmciLCJ1IjoiNzEzLVhTQy05MTg6MDo1MDg5MDo0MTMyODQ6MTA1NTY 4NDo1OTcwNzo5Ojc5MDA4NToxNzk0ODQ5MjAiLCJiIjoiZHZwLTE5Mi0yOC0xNTQ tMjExIiwiZyI6ImJnLWFiZC04NDQifQ== DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1639184254; s=m1; d=cloudflare.com; i=@cloudflare.com; h=Content-Type:MIME-Version:Subject:To:From:Date; bh=LzTA4TMzHyX5EZ1aUB3CJaMI59Wq88UBiKmBzbUK9Wk=; b=SPFtX4ZxHCSUWzYjPY6wXQRJogFtC51SiuNoBEiRjuSQudGcW2jnKW2YRHiVa4z6 pdAp1ozt6+bZ+ZPvZWn09mgoUCpG4+FCVmyXKEldT6/zkBlmmLVQVF3IxM3Arhkm1qs Iv7hpqoWjWdK/5HkOpP/OUPs1x41AslphtT5mlYs= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1639184254; s=m1; d=mktdns.com; i=@mktdns.com; h=Content-Type:MIME-Version:Subject:To:From:Date; bh=LzTA4TMzHyX5EZ1aUB3CJaMI59Wq88UBiKmBzbUK9Wk=; b=SPYY5gm/1U297ni1u5/a05/O5dRlSHbR8D8aTH7RrbWBAHuCTutdbygbFCH+zM8d n8r+Ku/KlqDRPu/F3G9nSKThyDuSeDBUEKvm3eq0jkVIOTqF8P7gNZjri8OeQTHTCHZ K6EhbQ1Kl8+Sd/72BLycOBA9qEuh05z/duDDdsik= Date: Fri, 10 Dec 2021 18:57:34 -0600 (CST) From: Cloudflare Reply-To: no-reply@cloudflare.com To: lojban@lojban.org Message-ID: <2010908843.23140449.1639184254927@abmktmail-batch1c.marketo.org> Subject: Protection against Log4j RCE 0-day (CVE-2021-44228) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_23140448_2063482759.1639184254926" X-Binding: bg-abd-844 List-Unsubscribe: X-PVIQ: mkto-713XSC918-000001-000000-790085 X-MarketoID: 713-XSC-918:0:50890:413284:1055684:59707:9:790085:179484920 X-Mailfrom: 713-XSC-918.0.790085.0.0.59707.9.179484920@bounce.cloudflare.com X-MktArchive: false X-MSYS-API: {"options":{"open_tracking":false,"click_tracking":false}} X-MktMailDKIM: true X-Spam-Score: -0.7 (/) X-Spam_score: -0.7 X-Spam_score_int: -6 X-Spam_bar: / ------=_Part_23140448_2063482759.1639184254926 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit You can also view this email as a webpage <[[https://info.cloudflare.com/index.php/email/emailWebview?mkt_tok=NzEzLVhTQy05MTgAAAGBRfd3yYw_W6mPFpuHdshSc2YHYQKPlcLF4YoY7NpHWNl-vybR1oXPpQSNYNQ5fGkAGmxX65J6Y2L4-Vlb4iCoeIABQfVvZmQbxZJ-edC9XOUhLCsA&md_id=59707]]>. Hello Robin, As you may know, a zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE). For all organizations using Log4j, they should update to version 2.15.0 as soon as possible. The latest version can be found at the Log4j download page . Customers subscribing to our paid PRO and BUSINESS plans and using our WAF are automatically receiving help with mitigating this vulnerability. As a Cloudflare FREE user, it is important to us that your site is protected from high severity vulnerabilities. For this reason we are actively deploying mitigation rules on your zones to block any malicious exploit attempts. No action is required from you to turn the new rules on. For more information please see our blog . The Cloudflare Team ------=_Part_23140448_2063482759.1639184254926 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20
=20
You can also view this email as a=20 webpage.
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20
=20 =20 =20 =20 =20 =20 =20 =20 =20
=20 =20 =20 =20 =20 =20 =20 =20
=20
=20 =20 =20 =20 =20 =20 =20
3D"Cloudflare
=20
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
 
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
=20
Hello Robin,=20
=20
As you may know, a zero-day exploit affecting the popular Apache Log4j= utility (CVE-2021-44228) was made public on December 9, 2021 that results = in remote code execution (RCE).=20
=20
For all organizations using Log4j, they should update to version 2.15.= 0 as soon as possible. The latest version can be found at the=20 Log4j download page.=20
=20
Customers subscribing to our paid PRO and BUSINESS plans and using our= WAF are automatically receiving help with mitigating this vulnerability.= =20
=20
As a Cloudflare FREE user, it is important to us that your site is pro= tected from high severity vulnerabilities. For this reason we are actively = deploying mitigation rules on your zones to block any malicious exploit att= empts. No action is required from you to turn the new rules on.=20
=20
For more information please see=20 our blog.=20
=20
The Cloudflare Team=20
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20
 
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
 
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
 
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
=20
=20 =20 =20 =20 =20 =20 =20 =20
= THIS IS A SERVICE-RELATED EMAIL
This email was sent to lojban@l= ojban.org because you are a Cloudflare customer or requested information&nb= sp;about Cloudflare services.

=C2=A9 2021 Cloudflare. All Right= s Reserved. www.cloudflare.com 101 Townsend St. San Francisco, CA. 94107=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
3D"Facebook"3D"Twitter"3D"LinkedIn"3D"Instagram"
=20
=20 =20 =20 =20 =20 =20 =20 =20 =20 =20
 
=20
=20 =20 =20 =20 =20
=20
=20 ------=_Part_23140448_2063482759.1639184254926--