Am 19.02.19 um 17:40 schrieb Moritz Mühlenhoff: > On Fri, Feb 15, 2019 at 11:21:13AM +0100, Markus Koschany wrote: [...] >> >> Upstream solved this problem by adding a new whitelist option for nodes >> and shards and what they can request. In the latest version Zookeeper >> would keep track of all the distributed nodes (SolrCloud), so this new >> option is meant for legacy releases like the one shipped by Debian or >> simply for a more fine grained control. I think this is a new security >> feature but not a fatal flaw that we have to patch. In my opinion it >> could be ignored. > > Agreed, I think we can simply mark it as unimportant in the Security > Tracker and close this bug. > > Cheers, > Moritz
Ok, let's do that. Regards, Markus
signature.asc
Description: OpenPGP digital signature
