[
https://issues.apache.org/jira/browse/SOLR-16332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17650051#comment-17650051
]
Jigar Shah commented on SOLR-16332:
-----------------------------------
+1 [~janhoy] and [~krisden], many thanks for the fix!
This fix on 8_11 branch (for 8.11.3) is very critical fix affecting in and out
of SolrCloud cluster. It's a blocker to move overall to http2.
Community, any release plans for 8.11.3, it's 6 months since 8.11.2. Many
thanks for great work!
> Upgrade Jetty to latest 9.4.x
> -----------------------------
>
> Key: SOLR-16332
> URL: https://issues.apache.org/jira/browse/SOLR-16332
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 9.0, 8.11.2
> Reporter: Chris Sabelstrom
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 9.1, main (10.0), 8.11.3
>
> Attachments: image-2022-08-09-09-39-43-134.png
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Fixes Vulnerability CVE-2022-2048 and other known Jetty bugs.
>
> *User report:*
> A security scanner detected the following vulnerability. Please upgrade to
> version noted in Status column. Please fix this for 8.11 as well as 9.0
> !image-2022-08-09-09-39-43-134.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
