Having received multiple inquiries from customers about how (or whether) we are impacted by the recently announced log4j “log4shell” vulnerability, we felt it prudent to update all of our customers (and open source users) en-masse.
The short answer, and good news for all of us, is that we are not impacted at all, as we don’t use log4j, or any Java, in any of our systems. This includes both the software itself, and the servers on which we host those of you who chose to go the hosted route.
If you do use Java (and therefore, likely, log4j) in your infrastructure, hopefully you’re already aware of the situation. If not, please see the link above.
Stay safe out there – we haven’t seen one this bad since Heartbleed.