You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by sa...@apache.org on 2016/06/17 22:20:00 UTC
[1/4] lucene-solr:branch_5_5: SOLR-9053: Upgrade commons-fileupload
to 1.3.1, fixing a potential vulnerability (cherry picked from commit 0ebe6b0)
Repository: lucene-solr
Updated Branches:
refs/heads/branch_5_5 41c77152b -> dacb226a2
refs/heads/branch_5x 04da75076 -> 9ebd60cee
SOLR-9053: Upgrade commons-fileupload to 1.3.1, fixing a potential vulnerability
(cherry picked from commit 0ebe6b0)
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/931501ce
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/931501ce
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/931501ce
Branch: refs/heads/branch_5_5
Commit: 931501ce6481080fbdb4c5470f7b532f394e7b96
Parents: 41c7715
Author: Jan H�ydahl <ja...@apache.org>
Authored: Tue May 3 13:36:06 2016 +0200
Committer: Steve Rowe <sa...@apache.org>
Committed: Fri Jun 17 18:17:21 2016 -0400
----------------------------------------------------------------------
lucene/ivy-versions.properties | 2 +-
solr/CHANGES.txt | 2 ++
solr/licenses/commons-fileupload-1.2.1.jar.sha1 | 1 -
solr/licenses/commons-fileupload-1.3.1.jar.sha1 | 1 +
4 files changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/931501ce/lucene/ivy-versions.properties
----------------------------------------------------------------------
diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties
index cbc92d7..ea10460 100644
--- a/lucene/ivy-versions.properties
+++ b/lucene/ivy-versions.properties
@@ -61,7 +61,7 @@ com.sun.jersey.version = 1.9
/commons-collections/commons-collections = 3.2.2
/commons-configuration/commons-configuration = 1.6
/commons-digester/commons-digester = 2.1
-/commons-fileupload/commons-fileupload = 1.2.1
+/commons-fileupload/commons-fileupload = 1.3.1
/commons-io/commons-io = 2.4
/commons-lang/commons-lang = 2.6
/commons-logging/commons-logging = 1.1.3
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/931501ce/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 68f6d3a..8fb10af 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -87,6 +87,8 @@ Other Changes
* SOLR-9131: Fix "start solr" text in cluster.vm Velocity template (janhoy)
+* SOLR-9053: Upgrade commons-fileupload to 1.3.1, fixing a potential vulnerability (Jeff Field, Mike Drob via janhoy)
+
======================= 5.5.1 =======================
Bug Fixes
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/931501ce/solr/licenses/commons-fileupload-1.2.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.2.1.jar.sha1 b/solr/licenses/commons-fileupload-1.2.1.jar.sha1
deleted file mode 100644
index 0d62b9b..0000000
--- a/solr/licenses/commons-fileupload-1.2.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-384faa82e193d4e4b0546059ca09572654bc3970
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/931501ce/solr/licenses/commons-fileupload-1.3.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
new file mode 100644
index 0000000..32f4872
--- /dev/null
+++ b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
@@ -0,0 +1 @@
+c621b54583719ac0310404463d6d99db27e1052c
[3/4] lucene-solr:branch_5x: SOLR-9053: Upgrade commons-fileupload to
1.3.1, fixing a potential vulnerability (cherry picked from commit 0ebe6b0)
Posted by sa...@apache.org.
SOLR-9053: Upgrade commons-fileupload to 1.3.1, fixing a potential vulnerability
(cherry picked from commit 0ebe6b0)
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/fb5916c3
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/fb5916c3
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/fb5916c3
Branch: refs/heads/branch_5x
Commit: fb5916c329745ea80cff600adab89269c8764f0e
Parents: 04da750
Author: Jan H�ydahl <ja...@apache.org>
Authored: Tue May 3 13:36:06 2016 +0200
Committer: Steve Rowe <sa...@apache.org>
Committed: Fri Jun 17 18:19:27 2016 -0400
----------------------------------------------------------------------
lucene/ivy-versions.properties | 2 +-
solr/licenses/commons-fileupload-1.2.1.jar.sha1 | 1 -
solr/licenses/commons-fileupload-1.3.1.jar.sha1 | 1 +
3 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/fb5916c3/lucene/ivy-versions.properties
----------------------------------------------------------------------
diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties
index cbc92d7..ea10460 100644
--- a/lucene/ivy-versions.properties
+++ b/lucene/ivy-versions.properties
@@ -61,7 +61,7 @@ com.sun.jersey.version = 1.9
/commons-collections/commons-collections = 3.2.2
/commons-configuration/commons-configuration = 1.6
/commons-digester/commons-digester = 2.1
-/commons-fileupload/commons-fileupload = 1.2.1
+/commons-fileupload/commons-fileupload = 1.3.1
/commons-io/commons-io = 2.4
/commons-lang/commons-lang = 2.6
/commons-logging/commons-logging = 1.1.3
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/fb5916c3/solr/licenses/commons-fileupload-1.2.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.2.1.jar.sha1 b/solr/licenses/commons-fileupload-1.2.1.jar.sha1
deleted file mode 100644
index 0d62b9b..0000000
--- a/solr/licenses/commons-fileupload-1.2.1.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-384faa82e193d4e4b0546059ca09572654bc3970
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/fb5916c3/solr/licenses/commons-fileupload-1.3.1.jar.sha1
----------------------------------------------------------------------
diff --git a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
new file mode 100644
index 0000000..32f4872
--- /dev/null
+++ b/solr/licenses/commons-fileupload-1.3.1.jar.sha1
@@ -0,0 +1 @@
+c621b54583719ac0310404463d6d99db27e1052c
[4/4] lucene-solr:branch_5x: SOLR-9053: Fix attribution,
apply the code refactor part from mdrob's patch (cherry picked from
commit b6f8c65)
Posted by sa...@apache.org.
SOLR-9053: Fix attribution, apply the code refactor part from mdrob's patch
(cherry picked from commit b6f8c65)
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/9ebd60ce
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/9ebd60ce
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/9ebd60ce
Branch: refs/heads/branch_5x
Commit: 9ebd60ceec6f7fa2242295467b0420ae807ecbb4
Parents: fb5916c
Author: Jan H�ydahl <ja...@apache.org>
Authored: Wed May 4 23:19:55 2016 +0200
Committer: Steve Rowe <sa...@apache.org>
Committed: Fri Jun 17 18:19:52 2016 -0400
----------------------------------------------------------------------
.../apache/solr/servlet/SolrRequestParsers.java | 28 +++++++++-----------
1 file changed, 12 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/9ebd60ce/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java b/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
index 79c151b..7670254 100644
--- a/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
+++ b/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
@@ -55,7 +55,6 @@ import org.apache.solr.core.SolrConfig;
import org.apache.solr.core.SolrCore;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.request.SolrQueryRequestBase;
-import org.apache.solr.util.RTimer;
import org.apache.solr.util.RTimerTree;
import static org.apache.solr.common.params.CommonParams.PATH;
@@ -561,21 +560,18 @@ public class SolrRequestParsers
upload.setSizeMax( ((long) uploadLimitKB) * 1024L );
// Parse the request
- List items = upload.parseRequest(req);
- Iterator iter = items.iterator();
- while (iter.hasNext()) {
- FileItem item = (FileItem) iter.next();
-
- // If it's a form field, put it in our parameter map
- if (item.isFormField()) {
- MultiMapSolrParams.addParam(
- item.getFieldName().trim(),
- item.getString(), params.getMap() );
- }
- // Add the stream
- else {
- streams.add( new FileItemContentStream( item ) );
- }
+ List<FileItem> items = upload.parseRequest(req);
+ for (FileItem item : items) {
+ // If it's a form field, put it in our parameter map
+ if (item.isFormField()) {
+ MultiMapSolrParams.addParam(
+ item.getFieldName().trim(),
+ item.getString(), params.getMap() );
+ }
+ // Add the stream
+ else {
+ streams.add( new FileItemContentStream( item ) );
+ }
}
return params;
}
[2/4] lucene-solr:branch_5_5: SOLR-9053: Fix attribution,
apply the code refactor part from mdrob's patch (cherry picked from
commit b6f8c65)
Posted by sa...@apache.org.
SOLR-9053: Fix attribution, apply the code refactor part from mdrob's patch
(cherry picked from commit b6f8c65)
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/dacb226a
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/dacb226a
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/dacb226a
Branch: refs/heads/branch_5_5
Commit: dacb226a2be822abe7d46a6be7811c6eeb5f5e4c
Parents: 931501c
Author: Jan H�ydahl <ja...@apache.org>
Authored: Wed May 4 23:19:55 2016 +0200
Committer: Steve Rowe <sa...@apache.org>
Committed: Fri Jun 17 18:18:49 2016 -0400
----------------------------------------------------------------------
.../apache/solr/servlet/SolrRequestParsers.java | 28 +++++++++-----------
1 file changed, 12 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/dacb226a/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java b/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
index 79c151b..7670254 100644
--- a/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
+++ b/solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
@@ -55,7 +55,6 @@ import org.apache.solr.core.SolrConfig;
import org.apache.solr.core.SolrCore;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.request.SolrQueryRequestBase;
-import org.apache.solr.util.RTimer;
import org.apache.solr.util.RTimerTree;
import static org.apache.solr.common.params.CommonParams.PATH;
@@ -561,21 +560,18 @@ public class SolrRequestParsers
upload.setSizeMax( ((long) uploadLimitKB) * 1024L );
// Parse the request
- List items = upload.parseRequest(req);
- Iterator iter = items.iterator();
- while (iter.hasNext()) {
- FileItem item = (FileItem) iter.next();
-
- // If it's a form field, put it in our parameter map
- if (item.isFormField()) {
- MultiMapSolrParams.addParam(
- item.getFieldName().trim(),
- item.getString(), params.getMap() );
- }
- // Add the stream
- else {
- streams.add( new FileItemContentStream( item ) );
- }
+ List<FileItem> items = upload.parseRequest(req);
+ for (FileItem item : items) {
+ // If it's a form field, put it in our parameter map
+ if (item.isFormField()) {
+ MultiMapSolrParams.addParam(
+ item.getFieldName().trim(),
+ item.getString(), params.getMap() );
+ }
+ // Add the stream
+ else {
+ streams.add( new FileItemContentStream( item ) );
+ }
}
return params;
}