[
https://issues.apache.org/jira/browse/SOLR-16332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17607732#comment-17607732
]
Jan Høydahl commented on SOLR-16332:
------------------------------------
Pull request welcome.
What jetty version is currently used in 8.11.2 btw?
You should consider going to 9.x, Solr is a standalone app and unless you have
custom plugins, what Java version is used by Solr is an implementation detail.
You can likely use SolrJ 8.11 jars in your app even if server runs Solr 9.x
> Upgrade Jetty to latest 9.4.x
> -----------------------------
>
> Key: SOLR-16332
> URL: https://issues.apache.org/jira/browse/SOLR-16332
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 9.0, 8.11.2
> Reporter: Chris Sabelstrom
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 9.1
>
> Attachments: image-2022-08-09-09-39-43-134.png
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Fixes Vulnerability CVE-2022-2048 and other known Jetty bugs.
>
> *User report:*
> A security scanner detected the following vulnerability. Please upgrade to
> version noted in Status column. Please fix this for 8.11 as well as 9.0
> !image-2022-08-09-09-39-43-134.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
