You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/09/07 00:51:00 UTC

[jira] [Commented] (SOLR-16324) CVE-2022-33980 in commons-configuration2

    [ https://issues.apache.org/jira/browse/SOLR-16324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17601070#comment-17601070 ] 

ASF subversion and git services commented on SOLR-16324:
--------------------------------------------------------

Commit e41081498f40c01351e6467df10e4747ff288abf in solr's branch refs/heads/main from Kevin Risden
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=e41081498f4 ]

SOLR-16324: Upgrade commons-configuration2 to 2.8.0 and commons-text to 1.9 (#999)

* Upgrade commons-configuration2 to 2.8.0 due to CVE-2022-33980
* Upgrade commons-text to 1.9 since it gets upgraded with
  commons-configuration2

> CVE-2022-33980 in commons-configuration2
> ----------------------------------------
>
>                 Key: SOLR-16324
>                 URL: https://issues.apache.org/jira/browse/SOLR-16324
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Andrew Kulick
>            Assignee: Kevin Risden
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> CVE-2022-33980 is present in org.apache.commons_commons-configuration2:2.7. Upgrading to version 2.8 will remediate the issue



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org