You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/09/07 00:51:00 UTC
[jira] [Commented] (SOLR-16324) CVE-2022-33980 in commons-configuration2
[ https://issues.apache.org/jira/browse/SOLR-16324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17601070#comment-17601070 ]
ASF subversion and git services commented on SOLR-16324:
--------------------------------------------------------
Commit e41081498f40c01351e6467df10e4747ff288abf in solr's branch refs/heads/main from Kevin Risden
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=e41081498f4 ]
SOLR-16324: Upgrade commons-configuration2 to 2.8.0 and commons-text to 1.9 (#999)
* Upgrade commons-configuration2 to 2.8.0 due to CVE-2022-33980
* Upgrade commons-text to 1.9 since it gets upgraded with
commons-configuration2
> CVE-2022-33980 in commons-configuration2
> ----------------------------------------
>
> Key: SOLR-16324
> URL: https://issues.apache.org/jira/browse/SOLR-16324
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Andrew Kulick
> Assignee: Kevin Risden
> Priority: Major
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> CVE-2022-33980 is present in org.apache.commons_commons-configuration2:2.7. Upgrading to version 2.8 will remediate the issue
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org