You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@solr.apache.org by "Bierenfeld Michael (BayWa München-Zentrale)" <Mi...@baywa.de> on 2022/10/18 13:14:59 UTC
CVE-2022-42889
Hi,
solr uses this library in affected Versions. Are there any plans for Updates to apache-commons >= 1.10.0 ?
Regards
Michael
Re: CVE-2022-42889
Posted by Markus Jelsma <ma...@openindex.io>.
Probably, yes.
But see:
https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity#SolrSecurity-SolrandVulnerabilityScanningTools
Op wo 9 nov. 2022 om 08:17 schreef HariBabu kuruva <
hari2708.kuruva@gmail.com>:
> Hi All,
>
> We are using solr-8.11.1 , Currently we have commons-text-1.6.jar, shall i
> replace it with commons-text-1.10.0.jar and restart the application? Will
> that work ?
>
> Please help.
>
> On Wed, Oct 19, 2022 at 3:28 PM Markus Jelsma <ma...@openindex.io>
> wrote:
>
> > Yes, it is already being done:
> > https://issues.apache.org/jira/browse/SOLR-16464
> >
> > Op wo 19 okt. 2022 om 05:51 schreef Bierenfeld Michael (BayWa
> > München-Zentrale) <Mi...@baywa.de>:
> >
> > > Hi,
> > >
> > > solr uses this library in affected Versions. Are there any plans for
> > > Updates to apache-commons >= 1.10.0 ?
> > >
> > > Regards
> > >
> > > Michael
> > >
> >
>
>
> --
>
> Thanks and Regards,
> Hari
> Mobile:9790756568
>
Re: CVE-2022-42889
Posted by HariBabu kuruva <ha...@gmail.com>.
Hi All,
We are using solr-8.11.1 , Currently we have commons-text-1.6.jar, shall i
replace it with commons-text-1.10.0.jar and restart the application? Will
that work ?
Please help.
On Wed, Oct 19, 2022 at 3:28 PM Markus Jelsma <ma...@openindex.io>
wrote:
> Yes, it is already being done:
> https://issues.apache.org/jira/browse/SOLR-16464
>
> Op wo 19 okt. 2022 om 05:51 schreef Bierenfeld Michael (BayWa
> München-Zentrale) <Mi...@baywa.de>:
>
> > Hi,
> >
> > solr uses this library in affected Versions. Are there any plans for
> > Updates to apache-commons >= 1.10.0 ?
> >
> > Regards
> >
> > Michael
> >
>
--
Thanks and Regards,
Hari
Mobile:9790756568
Re: CVE-2022-42889
Posted by Markus Jelsma <ma...@openindex.io>.
Yes, it is already being done:
https://issues.apache.org/jira/browse/SOLR-16464
Op wo 19 okt. 2022 om 05:51 schreef Bierenfeld Michael (BayWa
München-Zentrale) <Mi...@baywa.de>:
> Hi,
>
> solr uses this library in affected Versions. Are there any plans for
> Updates to apache-commons >= 1.10.0 ?
>
> Regards
>
> Michael
>