[ https://issues.apache.org/jira/browse/SOLR-16464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17620585#comment-17620585 ]
Cassandra Targett commented on SOLR-16464: ------------------------------------------ If the CVE behind this is not a risk for Solr, could someone add it to the list of false positives with an explanation: https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity > Upgrade commons-text to 1.10.0 > ------------------------------ > > Key: SOLR-16464 > URL: https://issues.apache.org/jira/browse/SOLR-16464 > Project: Solr > Issue Type: Task > Security Level: Public(Default Security Level. Issues are Public) > Components: Build > Reporter: Kevin Risden > Assignee: Kevin Risden > Priority: Minor > Fix For: main (10.0), 8.11.3, 9.2 > > Time Spent: 50m > Remaining Estimate: 0h > > commons-text should be upgraded to 1.10.0 - > https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org