Security Updates Released
17.02.2022
After the log4shell updates Apache Foundation has released newer version of log4j2 that fixes some CVEs. We have released newer versions of our applications with log4j2 2.17.1, which fixes the issues. In addition, the applications use the latest version 4.7.2 of our Prosys OPC UA SDK for Java toolkit. Moreover, they now use JavaFX version 17.0.2, which provides fixes to some memory leaks.
We would recommend everyone to update to these versions. However, we also want to note that while we are affected by one of the CVEs, in practice it should have no impact per se. See https://logging.apache.org/log4j/2.x/security.html for more information about the CVEs.
New security updates are available for the following products:
Please note, Simulation Server users can request beta version of the application from the Simulation Server Support Channel if needed.
To learn more about the security vulnerability in Java-based OPC UA applications, check our Blog Post.
Please contact Prosys OPC Sales for more information.
About Prosys OPC Ltd
Prosys OPC is a leading provider of professional OPC software and services with over 20 years of experience in the field. OPC and OPC UA (Unified Architecture) are communications standards used especially by industrial and high-tech companies.
Newest blog posts
Why Do Standards Matter in Smart Manufacturing?
The blog post discusses the importance of standards in smart manufacturing, envisioning a future where auto-configurable systems in manufacturing rely on standardized data formats for seamless integration and reduced costs, with a focus on the OPC UA standard family as a key enabler.
OPC UA PubSub to Cloud via MQTT
Detailed overview of the demo presented at the OPC Foundation booth
SimServer How To #3: Simulate data changes on a server using an OPC UA client
A two-part step-by-step tutorial on how to write data changes on an OPC UA server using an OPC UA client.
