Release date: December 17, 2021
About this release
Version 5.12.4 of DRACOON for Outlook for DRACOON Server users is a pure security update and does not contain any new features.
DRACOON for Outlook uses and contains the two libraries Apache Log4net and RestSharp, in which security vulnerabilities were discovered recently.
Version 5.12.4 of DRACOON for Outlook contains newer versions of these two libraries in which the above security vulnerabilities have been fixed.
Exploiting the security vulnerabilities in DRACOON for Outlook was only theoretically possible and therefore extremely unlikely, but we still recommend all users of DRACOON for Outlook to update to this new version as a precaution.
The above vulnerability in Log4net is unrelated to the recently discovered vulnerability in Log4j and targets a different scenario.