We are happy to announce the release of Platform 2.4.2, the latest maintenance release of the 2.4.x branch. As a maintenance release, this primarily includes bug fixes. However, it does add support for Tomcat 8.x and Tomcat 9.x.
This release updates the version of Log4J2 to address CVE-2021-44228. This is a critical vulnerability and all implementations using the 2.4.x line of OpenMRS should upgrade as soon as they are able. For those unable to upgrade or needing a fix between now and when they are able to upgrade please see our Talk post about this issue.