You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucene.apache.org by Apache Wiki <wi...@apache.org> on 2019/03/07 16:43:06 UTC

[Solr Wiki] Update of "SolrSecurity" by TomasFernandezLobbe

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.

The "SolrSecurity" page has been changed by TomasFernandezLobbe:
https://wiki.apache.org/solr/SolrSecurity?action=diff&rev1=60&rev2=61

Comment:
Added CVE-2019-0192

  
  == Security Announcements ==
  
+  * [[http://mail-archives.us.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E|2019-03-06:  CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl]] 
   * [[http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E|2019-02-12: CVE-2017-3164 SSRF issue in Apache Solr]]
   * [[https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E|2018-04-08: CVE-2018-1308: XXE attack through DIH's dataConfig request parameter]]
   * 2017-10-26: CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s MATLAB Parser bundled with Apache Solr