You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ab...@apache.org on 2016/12/13 20:30:15 UTC
[08/42] lucene-solr:feature/metrics: SOLR-9819: Upgrade Apache
commons-fileupload to 1.3.2, fixing a security vulnerability
SOLR-9819: Upgrade Apache commons-fileupload to 1.3.2, fixing a security vulnerability
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/c61268f7
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/c61268f7
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/c61268f7
Branch: refs/heads/feature/metrics
Commit: c61268f7cd2c47884f98513febee6bb5f33ea6dc
Parents: 98f7572
Author: Anshum Gupta <an...@apache.org>
Authored: Fri Dec 2 12:09:10 2016 -0800
Committer: Anshum Gupta <an...@apache.org>
Committed: Fri Dec 2 12:14:35 2016 -0800
----------------------------------------------------------------------
lucene/ivy-versions.properties | 2 +-
solr/CHANGES.txt | 2 ++
solr/licenses/commons-fileupload-1.3.1.jar.sha1 | 1 -
solr/licenses/commons-fileupload-1.3.2.jar.sha1 | 1 +
4 files changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c61268f7/lucene/ivy-versions.properties
----------------------------------------------------------------------
diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties
index 8526105..ffc54a8 100644
--- a/lucene/ivy-versions.properties
+++ b/lucene/ivy-versions.properties
@@ -64,7 +64,7 @@ com.sun.jersey.version = 1.9
/commons-collections/commons-collections = 3.2.2
/commons-configuration/commons-configuration = 1.6
/commons-digester/commons-digester = 2.1
-/commons-fileupload/commons-fileupload = 1.3.1
+/commons-fileupload/commons-fileupload = 1.3.2
/commons-io/commons-io = 2.5
/commons-lang/commons-lang = 2.6
/commons-logging/commons-logging = 1.1.3
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c61268f7/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index d09ae3b..e766169 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -255,6 +255,8 @@ Other Changes
* SOLR-9660: in GroupingSpecification factor [group](sort|offset|limit) into [group](sortSpec)
(Judith Silverman, Christine Poerschke)
+* SOLR-9819: Upgrade commons-fileupload to 1.3.2, fixing a potential vulnerability CVE-2016-3092 (Anshum Gupta)
+
================== 6.3.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c61268f7/solr/licenses/commons-fileupload-1.3.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
deleted file mode 100644
index 32f4872..0000000
--- a/solr/licenses/commons-fileupload-1.3.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-c621b54583719ac0310404463d6d99db27e1052c
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c61268f7/solr/licenses/commons-fileupload-1.3.2.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.2.jar.sha1 b/solr/licenses/commons-fileupload-1.3.2.jar.sha1
new file mode 100644
index 0000000..747b509
--- /dev/null
+++ b/solr/licenses/commons-fileupload-1.3.2.jar.sha1
@@ -0,0 +1 @@
+5d7491ed6ebd02b6a8d2305f8e6b7fe5dbd95f72
\ No newline at end of file