[
https://issues.apache.org/jira/browse/SOLR-12204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16443335#comment-16443335
]
ASF subversion and git services commented on SOLR-12204:
--------------------------------------------------------
Commit 847b80b54cce126542b9067d93f769080643b31f in lucene-solr's branch
refs/heads/branch_7_3 from [~steve_rowe]
[ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=847b80b ]
SOLR-12204: Upgrade commons-fileupload dependency to 1.3.3 to address
CVE-2016-1000031
> Upgrade commons-fileupload to address CVE-2016-1000031
> ------------------------------------------------------
>
> Key: SOLR-12204
> URL: https://issues.apache.org/jira/browse/SOLR-12204
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 7.2
> Reporter: Hrishikesh Gadre
> Assignee: Hrishikesh Gadre
> Priority: Major
> Attachments: SOLR-12204.patch, SOLR-12204.patch
>
>
> Currently SOLR is using 1.3.2 version of commons-fileupload library which is
> susceptible to CVE-2016-1000031. We should upgrade the this library to the
> latest version (1.3.3 at the time of writing) to mitigate the security risk.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
