You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucene.apache.org by ja...@apache.org on 2015/11/16 18:40:12 UTC

svn commit: r1714639 - in /lucene/dev/branches/branch_5x: lucene/ivy-versions.properties solr/CHANGES.txt solr/licenses/commons-collections-3.2.1.jar.sha1 solr/licenses/commons-collections-3.2.2.jar.sha1

Author: janhoy
Date: Mon Nov 16 17:40:11 2015
New Revision: 1714639

URL: http://svn.apache.org/viewvc?rev=1714639&view=rev
Log:
SOLR-8269: Upgrade commons-collections to 3.2.2. This fixes a known serialization vulnerability (backport)

Added:
    lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.2.jar.sha1   (with props)
Removed:
    lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.1.jar.sha1
Modified:
    lucene/dev/branches/branch_5x/lucene/ivy-versions.properties
    lucene/dev/branches/branch_5x/solr/CHANGES.txt

Modified: lucene/dev/branches/branch_5x/lucene/ivy-versions.properties
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/lucene/ivy-versions.properties?rev=1714639&r1=1714638&r2=1714639&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/lucene/ivy-versions.properties (original)
+++ lucene/dev/branches/branch_5x/lucene/ivy-versions.properties Mon Nov 16 17:40:11 2015
@@ -58,7 +58,7 @@ com.sun.jersey.version = 1.9
 /commons-beanutils/commons-beanutils = 1.8.3
 /commons-cli/commons-cli = 1.2
 /commons-codec/commons-codec = 1.10
-/commons-collections/commons-collections = 3.2.1
+/commons-collections/commons-collections = 3.2.2
 /commons-configuration/commons-configuration = 1.6
 /commons-digester/commons-digester = 2.1
 /commons-fileupload/commons-fileupload = 1.2.1

Modified: lucene/dev/branches/branch_5x/solr/CHANGES.txt
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/CHANGES.txt?rev=1714639&r1=1714638&r2=1714639&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/CHANGES.txt (original)
+++ lucene/dev/branches/branch_5x/solr/CHANGES.txt Mon Nov 16 17:40:11 2015
@@ -371,6 +371,8 @@ Other Changes
 * SOLR-8286: Remove instances of solr.hdfs.blockcache.write.enabled from tests
   and docs (Gregory Chanan)
 
+* SOLR-8269: Upgrade commons-collections to 3.2.2. This fixes a known serialization vulnerability (janhoy)
+
 ==================  5.3.1 ==================
 
 Bug Fixes

Added: lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.2.jar.sha1
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.2.jar.sha1?rev=1714639&view=auto
==============================================================================
--- lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.2.jar.sha1 (added)
+++ lucene/dev/branches/branch_5x/solr/licenses/commons-collections-3.2.2.jar.sha1 Mon Nov 16 17:40:11 2015
@@ -0,0 +1 @@
+8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5