Response to the Log4j Vulnerability

Dakota's GUI uses the Log4j library for logging. A serious vulnerability in Log4j was announced in December 2021.

To address the vulnerability, we have removed all downloads that contain affected versions of this library. We updated the GUI for Dakota versions 6.13, 6.14, and 6.15 with a more recent version of Log4j that is not affected by the vulnerability. Files available on our Download page that have a patch number (6.13.1, 6.14.1, and 6.15.1) in their names include the updated GUI. Executables in these files will still report the unpatched version number.