[ https://issues.apache.org/jira/browse/SOLR-12204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Rowe resolved SOLR-12204. ------------------------------- Resolution: Fixed Assignee: Steve Rowe (was: Hrishikesh Gadre) Fix Version/s: master (8.0) 7.4 7.3.1 > Upgrade commons-fileupload to address CVE-2016-1000031 > ------------------------------------------------------ > > Key: SOLR-12204 > URL: https://issues.apache.org/jira/browse/SOLR-12204 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Affects Versions: 7.2 > Reporter: Hrishikesh Gadre > Assignee: Steve Rowe > Priority: Major > Fix For: 7.3.1, 7.4, master (8.0) > > Attachments: SOLR-12204.patch, SOLR-12204.patch > > > Currently SOLR is using 1.3.2 version of commons-fileupload library which is > susceptible to CVE-2016-1000031. We should upgrade the this library to the > latest version (1.3.3 at the time of writing) to mitigate the security risk. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org