You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by an...@apache.org on 2016/12/02 21:27:10 UTC
lucene-solr:branch_6x: SOLR-9819: Upgrade Apache commons-fileupload
to 1.3.2, fixing a security vulnerability
Repository: lucene-solr
Updated Branches:
refs/heads/branch_6x 537ac854a -> 660f08a0b
SOLR-9819: Upgrade Apache commons-fileupload to 1.3.2, fixing a security vulnerability
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/660f08a0
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/660f08a0
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/660f08a0
Branch: refs/heads/branch_6x
Commit: 660f08a0b96887ad0ca4c147016179f041c522e8
Parents: 537ac85
Author: Anshum Gupta <an...@apache.org>
Authored: Fri Dec 2 12:09:10 2016 -0800
Committer: Anshum Gupta <an...@apache.org>
Committed: Fri Dec 2 13:26:49 2016 -0800
----------------------------------------------------------------------
lucene/ivy-versions.properties | 2 +-
solr/CHANGES.txt | 2 ++
solr/licenses/commons-fileupload-1.3.1.jar.sha1 | 1 -
solr/licenses/commons-fileupload-1.3.2.jar.sha1 | 1 +
4 files changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/lucene/ivy-versions.properties
----------------------------------------------------------------------
diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties
index 8526105..ffc54a8 100644
--- a/lucene/ivy-versions.properties
+++ b/lucene/ivy-versions.properties
@@ -64,7 +64,7 @@ com.sun.jersey.version = 1.9
/commons-collections/commons-collections = 3.2.2
/commons-configuration/commons-configuration = 1.6
/commons-digester/commons-digester = 2.1
-/commons-fileupload/commons-fileupload = 1.3.1
+/commons-fileupload/commons-fileupload = 1.3.2
/commons-io/commons-io = 2.5
/commons-lang/commons-lang = 2.6
/commons-logging/commons-logging = 1.1.3
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index c5e4657..8a5e369 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -201,6 +201,8 @@ Other Changes
* SOLR-9660: in GroupingSpecification factor [group](sort|offset|limit) into [group](sortSpec)
(Judith Silverman, Christine Poerschke)
+* SOLR-9819: Upgrade commons-fileupload to 1.3.2, fixing a potential vulnerability CVE-2016-3092 (Anshum Gupta)
+
================== 6.3.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/licenses/commons-fileupload-1.3.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
deleted file mode 100644
index 32f4872..0000000
--- a/solr/licenses/commons-fileupload-1.3.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-c621b54583719ac0310404463d6d99db27e1052c
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/licenses/commons-fileupload-1.3.2.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.2.jar.sha1 b/solr/licenses/commons-fileupload-1.3.2.jar.sha1
new file mode 100644
index 0000000..747b509
--- /dev/null
+++ b/solr/licenses/commons-fileupload-1.3.2.jar.sha1
@@ -0,0 +1 @@
+5d7491ed6ebd02b6a8d2305f8e6b7fe5dbd95f72
\ No newline at end of file