You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ja...@apache.org on 2019/08/14 07:41:36 UTC
svn commit: r1865091 - /lucene/cms/trunk/content/solr/news.mdtext
Author: janhoy
Date: Wed Aug 14 07:41:36 2019
New Revision: 1865091
URL: http://svn.apache.org/viewvc?rev=1865091&view=rev
Log:
solr.in.sh announce for 8.1.1 and 8.2.0
Modified:
lucene/cms/trunk/content/solr/news.mdtext
Modified: lucene/cms/trunk/content/solr/news.mdtext
URL: http://svn.apache.org/viewvc/lucene/cms/trunk/content/solr/news.mdtext?rev=1865091&r1=1865090&r2=1865091&view=diff
==============================================================================
--- lucene/cms/trunk/content/solr/news.mdtext (original)
+++ lucene/cms/trunk/content/solr/news.mdtext Wed Aug 14 07:41:36 2019
@@ -2,6 +2,33 @@ Title: News
# Solr<sup>™</sup> News
+## 14 August 2019, [ANNOUNCE] 8.1.1 and 8.2.0 users check ENABLE_REMOTE_JMX_OPTS setting
+
+ Severity: Low
+
+ Versions Affected:
+ 8.1.1 and 8.2.0 for Linux
+
+ Description:
+ It has been discovered [1] that the 8.1.1 and 8.2.0 releases contain a bad default
+ setting for the ENABLE_REMOTE_JMX_OPTS setting in the default solr.in.sh file
+ shipping with Solr.
+
+ Windows users and users with custom solr.in.sh files are not affected.
+
+ If you are using the default solr.in.sh file from the affected releases, then
+ JMX monitoring will be enabled and exposed on JMX_PORT (default = 18983),
+ without any authentication. So if your firewalls allows inbound traffic on
+ JMX_PORT, then anyone with network access to your Solr nodes will be able to
+ access monitoring data exposed over JMX.
+
+ Mitigation:
+ Edit solr.in.sh, set ENABLE_REMOTE_JMX_OPTS=false and restart Solr.
+ Alternatively wait for the future 8.3.0 release and upgrade.
+
+ References:
+ [1] https://issues.apache.org/jira/browse/SOLR-13647
+
## 26 July 2019, Apache Solr⢠8.2.0 available
The Lucene PMC is pleased to announce the release of Apache Solr 8.2.0
@@ -2498,4 +2525,4 @@ Solr 4.7 also includes many other new fe
[3]: https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/
[4]: https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/
[5]: https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/
- [6]: https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/
+ [6]: https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/
\ No newline at end of file