Dear list members,
as written yesterday: ILIAS is not vulnerable to the current security issue that is getting wide media coverage. But we have followed the vendors recommendation and also the official BSI advisory and updated the logging dependency in the ilServer to the newest available version.
The release manager and the product manager are already working on preparing a special release out of the regular schedule and we are confident to be able to announce that at very short notice. If you feel you can't wait for the release to be bundled and tagged, you can already update your installation using the "git pull" method as described in https://docu.ilias.de/goto_docu_lm_367.html#minor-upgrade .
We always recommend to keep your ILIAS installations up-to-date. For more detailed explanations don't hesitate to contact us.
Best regards, The ILIAS Security Group
on behalf of the ILIAS e.V. and the Technical Board