security fix in log4j2 zero day exploit https://www.lunasec.io/docs/blog/log4j-zero-day/