Yes, that release fixes the CVE. I still need to submit an update to Mitre about that.
On Wed, 26 Aug 2020 at 09:52, #CircusLogic <circuslo...@protonmail.com.invalid> wrote: > > Team - > > The latest that I read about log4net.dll is that it is dormant as of 2017 and > the latest version was 2.0.8. > > But then I read that there is now a version 2.0.9. What is in 2.0.9? Is a fix > for CVE-2018-1285 included? > > Thanks, > CL -- Matt Sicker <boa...@gmail.com>
