我们如何帮助您?

您可以浏览我们的文档或通过我们的支持门户提出请求

仅限运行会员。

网络状态 / 重要更新

提供网络状态和所有网络服务的维护信息。请注意,正常工作时间之外(晚上、节假日等)的网络状态更新可能略有延迟。

我们的网络 Operational

NETWORK Status

我们的网络 Operational

KEY UPdates

As previously communicated on Dec 20, 2021, the situation of new Log4j vulnerabilities being discovered was developing fast and fluid. Contour continuously monitor and assess the new developments, apply industry recommended remediations to address the vulnerabilities impacting Contour application.

With the situation stabilized, no new vulnerabilities of Log4j reported last week, and the latest Log4j version 2.17.0 comes with the remediations for the known vulnerabilities. Contour will be releasing new patches for all supported versions of Contour, with reference to the release schedule below.

Once the patch is ready, please contact us via our support portal to request the latest package and upgrade your Contour nodes as soon as possible.

Patch Release Schedule

Version with new patch Patch target shipping date
Contour 7.0.3* 30 Dec 2021
Contour 6.1.5* 30 Dec 2021
Contour 6.0.2** 30 Dec 2021

Notes:
* For Contour 6.1 and 7.0, the web application is patched with Log4j 2.17.0, and Corda Enterprise with Log4j 2.16.0. R3 has confirmed the vulnerability addressed by Log4j 2.17.0 already has effective countermeasure in Corda, with reference to R3 Update December 21 2021.

** For Contour 6.0, the web application is patched with Log4j 2.17.0, and Corda Enterprise (CE) with Log4j 2.13.0 (vulnerable). R3 has confirmed NO patching will be made available for CE4.1 used in Contour 6.0. Therefore, recommend members to upgrade to Contour 7.0 as soon as possible.

Further Work
We will continue to conduct regular security and penetration tests by our CREST accredited tester (our last test was conducted in October) as well as continually review our security scans and industry reports for other possible incidents.

Information security and transparency are top priorities for Contour which is why we are targeting our final ISO27001 audit in the coming months together with the development of increased security and network monitoring features. If you have any further questions please raise a request via our support portal.

 

我们如何支持我们的用户?

需要访问我们的资源?

我们的资源持续更新,并仅面向运行用户提供。如果您需要设立帐户,请您委托当前代表通过 支持门户 为您提出请求,或者直接 联系我们