Release Repast Simphony 2.9.1 · Repast/repast.simphony

The Repast Development Team is happy to announce the maintenance release of Repast Simphony 2.9.1.

Log4J was updated to version 2.17.2.

This release was prompted by the Log4j vulnerability CVE-2021-44228, affecting Log4j versions 2.0-beta9 to 2.14.1. While the Log4J jar previously included with the Repast Simphony distribution did not contain this vulnerability, we provide this update to help with IT department security scans looking for Log4J versions prior to 2.15. (More information on CVE-2021-44228 can be found here: https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)

As a note, the distribution includes the org.apache.log4j_1.2.15.v201012070815.jar. This is not a Log4J jar. It contains binding code for Eclipse to use Log4J so is not related to the CVE-2021-44228 vulnerability.

The new release can be downloaded from https://repast.github.io/download.html

As usual, tutorials and documentation can be found at https://repast.github.io/docs.html
Please see the support page if you have any questions https://repast.github.io/support.html

Thanks to everyone who contributed to the release!

Repast Development Team
https://repast.github.io

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repast Simphony 2.9.1