You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Steve Rowe (JIRA)" <ji...@apache.org> on 2018/04/18 23:34:00 UTC
[jira] [Resolved] (SOLR-12204) Upgrade commons-fileupload to
address CVE-2016-1000031
[ https://issues.apache.org/jira/browse/SOLR-12204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Rowe resolved SOLR-12204.
-------------------------------
Resolution: Fixed
Assignee: Steve Rowe (was: Hrishikesh Gadre)
Fix Version/s: master (8.0)
7.4
7.3.1
> Upgrade commons-fileupload to address CVE-2016-1000031
> ------------------------------------------------------
>
> Key: SOLR-12204
> URL: https://issues.apache.org/jira/browse/SOLR-12204
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 7.2
> Reporter: Hrishikesh Gadre
> Assignee: Steve Rowe
> Priority: Major
> Fix For: 7.3.1, 7.4, master (8.0)
>
> Attachments: SOLR-12204.patch, SOLR-12204.patch
>
>
> Currently SOLR is using 1.3.2 version of commons-fileupload library which is susceptible to CVE-2016-1000031. We should upgrade the this library to the latest version (1.3.3 at the time of writing) to mitigate the security risk.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org