From 43aa8cfda86bfb453a551444cb1538f0a8956f34 Mon Sep 17 00:00:00 2001
From: Andreas Hefti <andreas.hefti@let.ethz.ch>
Date: Tue, 14 Dec 2021 09:54:11 +0100
Subject: [PATCH] Update README.rst

---
 README.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.rst b/README.rst
index 0c37c8fa..383cd6f9 100644
--- a/README.rst
+++ b/README.rst
@@ -19,6 +19,14 @@ Development:
     :target: https://github.com/SafeExamBrowser/seb-server/tree/development
 
 
+---------
+
+**Note: Regarding to** `CVE-2021-44228 <https://nvd.nist.gov/vuln/detail/CVE-2021-44228>`_: SEB Server is not affected by the vulnerability. For more information please `read <https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot>`_ 
+
+However, to prevent security scanner to alert false-positives we decided to make a patch for the latest version of SEB Server (v1.2.6). If you want to update please make sure your installation refer to version v1.2-stable, v1.2-latest or v1.2.6. Then simply make a update/rebuild of your seb-server docker image.
+
+---------
+
 About
 -----
 The Safe Exam Browser Server web application simplifies and centralizes the configuration of Safe Exam Browser clients for exams. It interacts with a learning management or exam system for setting up and conducting e-assessments with Safe Exam Browser. It also improves security by allowing to monitor connected Safe Exam Browser clients in real time during e-assessments.