lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DW (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SOLR-13208) Update dom4j in solr package due to security vulnerability
Date Thu, 31 Jan 2019 15:06:00 GMT
DW created SOLR-13208:
-------------------------

             Summary: Update dom4j in solr package due to security vulnerability
                 Key: SOLR-13208
                 URL: https://issues.apache.org/jira/browse/SOLR-13208
             Project: Solr
          Issue Type: Bug
      Security Level: Public (Default Security Level. Issues are Public)
          Components: Server
    Affects Versions: 7.6
            Reporter: DW


The Solr package contains dom4j-1.6.1 in the server webapp component in server/solr-webapp/webapp/WEB-INF/lib/dom4j-1.6.1.jar

Please can you upgrade dom4j-1.6.1 due to open security vulnerability to 2.1.1+.

If you need the CVE number, let me know.

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message