Today I deployed updated 1.9.0-SNAPSHOT packages for powertac-core and powertac-server. If your broker is using an older version, such as the 1.8.0 release, it is time to update your pom.xml. The powertac-parent dependency is near the top of the file; it should be updated to read
<parent>
<groupId>org.powertac</groupId>
<artifactId>powertac-parent</artifactId>
<version>1.9.0-SNAPSHOT</version>
<relativePath />
</parent>
If you are running the server, you should be using the 1.9.0-SNAPSHOT version that's also fixed and deployed today. If you are using the latest
server-distribution, you will get this version the next time you run it. If you are running a local build of the server, you will need to pull down the latest from github and do a re-build.
Thanks to Govert Buijs and Erik Kemperman for alerting me and working out the details on this. FWIW, the reason the weather server has been down for a couple days is that Govert was concerned about this vulnerability and wanted me to check whether it applied to the weather server. It did not and the weather server is back up and running.
As always, please let us know if you have questions or concerns.
John