You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2021/12/10 17:55:39 UTC

[GitHub] [solr-site] ctargett commented on a change in pull request #47: SOLR-15843 Update for information about prom exporter

ctargett commented on a change in pull request #47:
URL: https://github.com/apache/solr-site/pull/47#discussion_r766874295



##########
File path: content/solr/security/2021-12-12-cve-2021-44228.md
##########
@@ -25,5 +27,13 @@ Any of the following are enough to prevent this vulnerability:
   `set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true`
 * Follow any of the other mitgations listed at https://logging.apache.org/log4j/2.x/security.html
 
+The vulnerability in the Prometheus Exporter Contribcan be mitigated by any of the following:
+
+* Upgrade to `Solr 8.11.1` or greater (when available), which will include an updated version of the log4j2 dependancy.

Review comment:
       "dependency"




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org