date:20211215

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Jan Høydahl

Thanks all, I'll close the vote now and start publishing the release...

If you're a PMC member who planned to vote, but have not yet done so, there is 
still value in expressing your vote in this thread, further validating the 
release. I'll tally the final count tomorrow as well, for the record.

Jan

> 16. des. 2021 kl. 01:39 skrev Mike Drob :
> 
> Fast track please
> 
> On Wed, Dec 15, 2021 at 6:34 PM Gus Heck  > wrote:
> fast track please :)
> 
> On Wed, Dec 15, 2021 at 7:23 PM Anshum Gupta  > wrote:
> Fast-track please :) 
> 
> On Wed, Dec 15, 2021 at 4:19 PM Jan Høydahl  > wrote:
> Given the votes so far (11 binding +1) I'm also positive to publish tomorrow, 
> and not wait for Friday.
> The release voting rules are three or more +1 votes and more +1 votes than -1 
> votes, so for the vote to fail we'd need more than 11 -1's from now :)
> 
> If I see at least 3 more of you in favor (reply with "FAST-TRACK PLEASE") and 
> no justified vetoes, then I can make it happen on Thursday afternoon UTC!
> 
> Jan
> 
>> 15. des. 2021 kl. 22:57 skrev Ishan Chattopadhyaya 
>> mailto:ichattopadhy...@gmail.com>>:
>> 
>> I think we should publish, release and announce asap, not waiting for 72h or 
>> the MVN propogation.
>> 
>> On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta, > > wrote:
>> +1 (binding)
>> 
>> Smoke tester is happy.
>> 
>> SUCCESS! [1:03:13.162577]
>> 
>> Also tested out a sample search/indexing app.
>> 
>> On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl > > wrote:
>> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>> 
>> The artifacts can be downloaded from:
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>  
>> 
>> 
>> You can run the smoke tester directly (from a fresh branch_8_11 checkout), 
>> with this command:
>> 
>> python3 -u dev-tools/scripts/smokeTestRelease.py \
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>  
>> 
>> 
>> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 UTC.
>> 
>> [ ] +1  approve
>> [ ] +0  no opinion
>> [ ] -1  disapprove (and reason why)
>> 
>> Here is my +1
>> 
>> SUCCESS! [0:54:56.979538]
>> 
>> NOTE: You must run the smoke tester from latest commit on branch_8_11, since 
>> my surname contains a unicode-character, needing a fix in the gpg command 
>> ran by the smoketester.
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
>> 
>> For additional commands, e-mail: dev-h...@lucene.apache.org 
>> 
>> 
>> 
>> 
>> -- 
>> Anshum Gupta
> 
> 
> 
> -- 
> Anshum Gupta
> 
> 
> -- 
> http://www.needhamsoftware.com  (work)
> http://www.the111shift.com  (play)

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Mike Drob

Fast track please

On Wed, Dec 15, 2021 at 6:34 PM Gus Heck  wrote:

> fast track please :)
>
> On Wed, Dec 15, 2021 at 7:23 PM Anshum Gupta 
> wrote:
>
>> Fast-track please :)
>>
>> On Wed, Dec 15, 2021 at 4:19 PM Jan Høydahl 
>> wrote:
>>
>>> Given the votes so far (11 binding +1) I'm also positive to publish
>>> tomorrow, and not wait for Friday.
>>> The release voting rules are three or more +1 votes and more +1 votes
>>> than -1 votes, so for the vote to fail we'd need more than 11 -1's from now
>>> :)
>>>
>>> If I see at least 3 more of you in favor (reply with "FAST-TRACK
>>> PLEASE") and no justified vetoes, then I can make it happen on Thursday
>>> afternoon UTC!
>>>
>>> Jan
>>>
>>> 15. des. 2021 kl. 22:57 skrev Ishan Chattopadhyaya <
>>> ichattopadhy...@gmail.com>:
>>>
>>> I think we should publish, release and announce asap, not waiting for
>>> 72h or the MVN propogation.
>>>
>>> On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta, 
>>> wrote:
>>>
 +1 (binding)

 Smoke tester is happy.

 SUCCESS! [1:03:13.162577]

 Also tested out a sample search/indexing app.

 On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl 
 wrote:

> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>
> The artifacts can be downloaded from:
>
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> You can run the smoke tester directly (from a fresh branch_8_11
> checkout), with this command:
>
> python3 -u dev-tools/scripts/smokeTestRelease.py \
>
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> The vote will be open for at least 72 hours i.e. until 2021-12-17
> 15:00 UTC.
>
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
>
> Here is my +1
>
> SUCCESS! [0:54:56.979538]
>
> NOTE: You must run the smoke tester from latest commit on branch_8_11,
> since my surname contains a unicode-character, needing a fix in the gpg
> command ran by the smoketester.
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>
>

 --
 Anshum Gupta

>>>
>>>
>>
>> --
>> Anshum Gupta
>>
>
>
> --
> http://www.needhamsoftware.com (work)
> http://www.the111shift.com (play)
>

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Gus Heck

fast track please :)

On Wed, Dec 15, 2021 at 7:23 PM Anshum Gupta  wrote:

> Fast-track please :)
>
> On Wed, Dec 15, 2021 at 4:19 PM Jan Høydahl  wrote:
>
>> Given the votes so far (11 binding +1) I'm also positive to publish
>> tomorrow, and not wait for Friday.
>> The release voting rules are three or more +1 votes and more +1 votes
>> than -1 votes, so for the vote to fail we'd need more than 11 -1's from now
>> :)
>>
>> If I see at least 3 more of you in favor (reply with "FAST-TRACK PLEASE")
>> and no justified vetoes, then I can make it happen on Thursday afternoon
>> UTC!
>>
>> Jan
>>
>> 15. des. 2021 kl. 22:57 skrev Ishan Chattopadhyaya <
>> ichattopadhy...@gmail.com>:
>>
>> I think we should publish, release and announce asap, not waiting for 72h
>> or the MVN propogation.
>>
>> On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta, 
>> wrote:
>>
>>> +1 (binding)
>>>
>>> Smoke tester is happy.
>>>
>>> SUCCESS! [1:03:13.162577]
>>>
>>> Also tested out a sample search/indexing app.
>>>
>>> On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl 
>>> wrote:
>>>
 Please vote for release candidate 1 for Lucene/Solr 8.11.1

 The artifacts can be downloaded from:

 https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50

 You can run the smoke tester directly (from a fresh branch_8_11
 checkout), with this command:

 python3 -u dev-tools/scripts/smokeTestRelease.py \

 https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50

 The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
 UTC.

 [ ] +1  approve
 [ ] +0  no opinion
 [ ] -1  disapprove (and reason why)

 Here is my +1

 SUCCESS! [0:54:56.979538]

 NOTE: You must run the smoke tester from latest commit on branch_8_11,
 since my surname contains a unicode-character, needing a fix in the gpg
 command ran by the smoketester.
 -
 To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
 For additional commands, e-mail: dev-h...@lucene.apache.org


>>>
>>> --
>>> Anshum Gupta
>>>
>>
>>
>
> --
> Anshum Gupta
>


-- 
http://www.needhamsoftware.com (work)
http://www.the111shift.com (play)

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Anshum Gupta

Fast-track please :)

On Wed, Dec 15, 2021 at 4:19 PM Jan Høydahl  wrote:

> Given the votes so far (11 binding +1) I'm also positive to publish
> tomorrow, and not wait for Friday.
> The release voting rules are three or more +1 votes and more +1 votes than
> -1 votes, so for the vote to fail we'd need more than 11 -1's from now :)
>
> If I see at least 3 more of you in favor (reply with "FAST-TRACK PLEASE")
> and no justified vetoes, then I can make it happen on Thursday afternoon
> UTC!
>
> Jan
>
> 15. des. 2021 kl. 22:57 skrev Ishan Chattopadhyaya <
> ichattopadhy...@gmail.com>:
>
> I think we should publish, release and announce asap, not waiting for 72h
> or the MVN propogation.
>
> On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta, 
> wrote:
>
>> +1 (binding)
>>
>> Smoke tester is happy.
>>
>> SUCCESS! [1:03:13.162577]
>>
>> Also tested out a sample search/indexing app.
>>
>> On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl 
>> wrote:
>>
>>> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>>>
>>> The artifacts can be downloaded from:
>>>
>>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>>
>>> You can run the smoke tester directly (from a fresh branch_8_11
>>> checkout), with this command:
>>>
>>> python3 -u dev-tools/scripts/smokeTestRelease.py \
>>>
>>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>>
>>> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
>>> UTC.
>>>
>>> [ ] +1  approve
>>> [ ] +0  no opinion
>>> [ ] -1  disapprove (and reason why)
>>>
>>> Here is my +1
>>>
>>> SUCCESS! [0:54:56.979538]
>>>
>>> NOTE: You must run the smoke tester from latest commit on branch_8_11,
>>> since my surname contains a unicode-character, needing a fix in the gpg
>>> command ran by the smoketester.
>>> -
>>> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
>>> For additional commands, e-mail: dev-h...@lucene.apache.org
>>>
>>>
>>
>> --
>> Anshum Gupta
>>
>
>

-- 
Anshum Gupta

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Jan Høydahl

Given the votes so far (11 binding +1) I'm also positive to publish tomorrow, 
and not wait for Friday.
The release voting rules are three or more +1 votes and more +1 votes than -1 
votes, so for the vote to fail we'd need more than 11 -1's from now :)

If I see at least 3 more of you in favor (reply with "FAST-TRACK PLEASE") and 
no justified vetoes, then I can make it happen on Thursday afternoon UTC!

Jan

> 15. des. 2021 kl. 22:57 skrev Ishan Chattopadhyaya 
> :
> 
> I think we should publish, release and announce asap, not waiting for 72h or 
> the MVN propogation.
> 
> On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta,  > wrote:
> +1 (binding)
> 
> Smoke tester is happy.
> 
> SUCCESS! [1:03:13.162577]
> 
> Also tested out a sample search/indexing app.
> 
> On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl  > wrote:
> Please vote for release candidate 1 for Lucene/Solr 8.11.1
> 
> The artifacts can be downloaded from:
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>  
> 
> 
> You can run the smoke tester directly (from a fresh branch_8_11 checkout), 
> with this command:
> 
> python3 -u dev-tools/scripts/smokeTestRelease.py \
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>  
> 
> 
> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 UTC.
> 
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
> 
> Here is my +1
> 
> SUCCESS! [0:54:56.979538]
> 
> NOTE: You must run the smoke tester from latest commit on branch_8_11, since 
> my surname contains a unicode-character, needing a fix in the gpg command ran 
> by the smoketester.
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
> 
> For additional commands, e-mail: dev-h...@lucene.apache.org 
> 
> 
> 
> 
> -- 
> Anshum Gupta

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Ishan Chattopadhyaya

I think we should publish, release and announce asap, not waiting for 72h
or the MVN propogation.

On Thu, 16 Dec, 2021, 2:40 am Anshum Gupta,  wrote:

> +1 (binding)
>
> Smoke tester is happy.
>
> SUCCESS! [1:03:13.162577]
>
> Also tested out a sample search/indexing app.
>
> On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl  wrote:
>
>> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>>
>> The artifacts can be downloaded from:
>>
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>
>> You can run the smoke tester directly (from a fresh branch_8_11
>> checkout), with this command:
>>
>> python3 -u dev-tools/scripts/smokeTestRelease.py \
>>
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>
>> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
>> UTC.
>>
>> [ ] +1  approve
>> [ ] +0  no opinion
>> [ ] -1  disapprove (and reason why)
>>
>> Here is my +1
>>
>> SUCCESS! [0:54:56.979538]
>>
>> NOTE: You must run the smoke tester from latest commit on branch_8_11,
>> since my surname contains a unicode-character, needing a fix in the gpg
>> command ran by the smoketester.
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
>> For additional commands, e-mail: dev-h...@lucene.apache.org
>>
>>
>
> --
> Anshum Gupta
>

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Anshum Gupta

+1 (binding)

Smoke tester is happy.

SUCCESS! [1:03:13.162577]

Also tested out a sample search/indexing app.

On Tue, Dec 14, 2021 at 6:36 AM Jan Høydahl  wrote:

> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>
> The artifacts can be downloaded from:
>
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> You can run the smoke tester directly (from a fresh branch_8_11 checkout),
> with this command:
>
> python3 -u dev-tools/scripts/smokeTestRelease.py \
>
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
> UTC.
>
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
>
> Here is my +1
>
> SUCCESS! [0:54:56.979538]
>
> NOTE: You must run the smoke tester from latest commit on branch_8_11,
> since my surname contains a unicode-character, needing a fix in the gpg
> command ran by the smoketester.
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>
>

-- 
Anshum Gupta

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Houston Putman

SUCCESS! [1:10:32.826846]

Also ran Jan's docker image using the Solr Operator and everything looked
good to me. I also tested some of the fixes included in the release.

+1 (binding)

- Houston

On Wed, Dec 15, 2021 at 3:42 PM Timothy Potter  wrote:

> Awesome, thanks Uwe!
>
> On Wed, Dec 15, 2021 at 1:39 PM Uwe Schindler  wrote:
> >
> > Hi,
> >
> > I was able to start the solr.cmd and boot up techproducts. I also
> quickly checked the changed endpoints like "export", "status", "api". Only
> "autoscaling" showed exceptions about zookeeper, not sure if this should
> show some help info instead (I ran scripts without any solr node running)..
> >
> > I haven't any problem with whitespace in my CWD.
> >
> > Uwe
> >
> > -
> > Uwe Schindler
> > Achterdiek 19, D-28357 Bremen
> > https://www.thetaphi.de
> > eMail: u...@thetaphi.de
> >
> > > -Original Message-
> > > From: Uwe Schindler 
> > > Sent: Wednesday, December 15, 2021 9:27 PM
> > > To: dev@lucene.apache.org
> > > Subject: RE: [VOTE] Release Lucene/Solr 8.11.1 RC1
> > >
> > > Will do!
> > >
> > > Uwe
> > >
> > > -
> > > Uwe Schindler
> > > Achterdiek 19, D-28357 Bremen
> > > https://www.thetaphi.de
> > > eMail: u...@thetaphi.de
> > >
> > > > -Original Message-
> > > > From: Timothy Potter 
> > > > Sent: Wednesday, December 15, 2021 9:19 PM
> > > > To: lucene dev 
> > > > Subject: Re: [VOTE] Release Lucene/Solr 8.11.1 RC1
> > > >
> > > > Anyone try manually launching the RC on Windows? There's a change to
> > > > bin/solr.cmd in this release. I tested before I committed but always
> > > > good to re-test with the RC just in case.
> > > >
> > > > Tim
> > > >
> > > > On Wed, Dec 15, 2021 at 12:30 PM Dawid Weiss 
> > > > wrote:
> > > > >
> > > > > SUCCESS! [0:56:37.756257]
> > > > >
> > > > > +1
> > > > >
> > > > > On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl  >
> > > > wrote:
> > > > > >
> > > > > > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> > > > > >
> > > > > > The artifacts can be downloaded from:
> > > > > >
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > > > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > > > >
> > > > > > You can run the smoke tester directly (from a fresh branch_8_11
> > > checkout),
> > > > with this command:
> > > > > >
> > > > > > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > > > > >
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > > > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > > > >
> > > > > > The vote will be open for at least 72 hours i.e. until
> 2021-12-17 15:00
> > > UTC.
> > > > > >
> > > > > > [ ] +1  approve
> > > > > > [ ] +0  no opinion
> > > > > > [ ] -1  disapprove (and reason why)
> > > > > >
> > > > > > Here is my +1
> > > > > >
> > > > > > SUCCESS! [0:54:56.979538]
> > > > > >
> > > > > > NOTE: You must run the smoke tester from latest commit on
> > > branch_8_11,
> > > > since my surname contains a unicode-character, needing a fix in the
> gpg
> > > > command ran by the smoketester.
> > > > > >
> -
> > > > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > > > > >
> > > > >
> > > > >
> -
> > > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > > > >
> > > >
> > > > -
> > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > >
> > >
> > > -
> > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>
>

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Timothy Potter

Awesome, thanks Uwe!

On Wed, Dec 15, 2021 at 1:39 PM Uwe Schindler  wrote:
>
> Hi,
>
> I was able to start the solr.cmd and boot up techproducts. I also quickly 
> checked the changed endpoints like "export", "status", "api". Only 
> "autoscaling" showed exceptions about zookeeper, not sure if this should show 
> some help info instead (I ran scripts without any solr node running)..
>
> I haven't any problem with whitespace in my CWD.
>
> Uwe
>
> -
> Uwe Schindler
> Achterdiek 19, D-28357 Bremen
> https://www.thetaphi.de
> eMail: u...@thetaphi.de
>
> > -Original Message-
> > From: Uwe Schindler 
> > Sent: Wednesday, December 15, 2021 9:27 PM
> > To: dev@lucene.apache.org
> > Subject: RE: [VOTE] Release Lucene/Solr 8.11.1 RC1
> >
> > Will do!
> >
> > Uwe
> >
> > -
> > Uwe Schindler
> > Achterdiek 19, D-28357 Bremen
> > https://www.thetaphi.de
> > eMail: u...@thetaphi.de
> >
> > > -Original Message-
> > > From: Timothy Potter 
> > > Sent: Wednesday, December 15, 2021 9:19 PM
> > > To: lucene dev 
> > > Subject: Re: [VOTE] Release Lucene/Solr 8.11.1 RC1
> > >
> > > Anyone try manually launching the RC on Windows? There's a change to
> > > bin/solr.cmd in this release. I tested before I committed but always
> > > good to re-test with the RC just in case.
> > >
> > > Tim
> > >
> > > On Wed, Dec 15, 2021 at 12:30 PM Dawid Weiss 
> > > wrote:
> > > >
> > > > SUCCESS! [0:56:37.756257]
> > > >
> > > > +1
> > > >
> > > > On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl 
> > > wrote:
> > > > >
> > > > > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> > > > >
> > > > > The artifacts can be downloaded from:
> > > > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > > >
> > > > > You can run the smoke tester directly (from a fresh branch_8_11
> > checkout),
> > > with this command:
> > > > >
> > > > > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > > > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > > >
> > > > > The vote will be open for at least 72 hours i.e. until 2021-12-17 
> > > > > 15:00
> > UTC.
> > > > >
> > > > > [ ] +1  approve
> > > > > [ ] +0  no opinion
> > > > > [ ] -1  disapprove (and reason why)
> > > > >
> > > > > Here is my +1
> > > > >
> > > > > SUCCESS! [0:54:56.979538]
> > > > >
> > > > > NOTE: You must run the smoke tester from latest commit on
> > branch_8_11,
> > > since my surname contains a unicode-character, needing a fix in the gpg
> > > command ran by the smoketester.
> > > > > -
> > > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > > > >
> > > >
> > > > -
> > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > > >
> > >
> > > -
> > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Uwe Schindler

Hi,

I was able to start the solr.cmd and boot up techproducts. I also quickly 
checked the changed endpoints like "export", "status", "api". Only 
"autoscaling" showed exceptions about zookeeper, not sure if this should show 
some help info instead (I ran scripts without any solr node running)..

I haven't any problem with whitespace in my CWD.

Uwe

-
Uwe Schindler
Achterdiek 19, D-28357 Bremen
https://www.thetaphi.de
eMail: u...@thetaphi.de

> -Original Message-
> From: Uwe Schindler 
> Sent: Wednesday, December 15, 2021 9:27 PM
> To: dev@lucene.apache.org
> Subject: RE: [VOTE] Release Lucene/Solr 8.11.1 RC1
> 
> Will do!
> 
> Uwe
> 
> -
> Uwe Schindler
> Achterdiek 19, D-28357 Bremen
> https://www.thetaphi.de
> eMail: u...@thetaphi.de
> 
> > -Original Message-
> > From: Timothy Potter 
> > Sent: Wednesday, December 15, 2021 9:19 PM
> > To: lucene dev 
> > Subject: Re: [VOTE] Release Lucene/Solr 8.11.1 RC1
> >
> > Anyone try manually launching the RC on Windows? There's a change to
> > bin/solr.cmd in this release. I tested before I committed but always
> > good to re-test with the RC just in case.
> >
> > Tim
> >
> > On Wed, Dec 15, 2021 at 12:30 PM Dawid Weiss 
> > wrote:
> > >
> > > SUCCESS! [0:56:37.756257]
> > >
> > > +1
> > >
> > > On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl 
> > wrote:
> > > >
> > > > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> > > >
> > > > The artifacts can be downloaded from:
> > > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > >
> > > > You can run the smoke tester directly (from a fresh branch_8_11
> checkout),
> > with this command:
> > > >
> > > > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> > rev0b002b11819df70783e83ef36b42ed1223c14b50
> > > >
> > > > The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
> UTC.
> > > >
> > > > [ ] +1  approve
> > > > [ ] +0  no opinion
> > > > [ ] -1  disapprove (and reason why)
> > > >
> > > > Here is my +1
> > > >
> > > > SUCCESS! [0:54:56.979538]
> > > >
> > > > NOTE: You must run the smoke tester from latest commit on
> branch_8_11,
> > since my surname contains a unicode-character, needing a fix in the gpg
> > command ran by the smoketester.
> > > > -
> > > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > > >
> > >
> > > -
> > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> 
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Uwe Schindler

Will do!

Uwe

-
Uwe Schindler
Achterdiek 19, D-28357 Bremen
https://www.thetaphi.de
eMail: u...@thetaphi.de

> -Original Message-
> From: Timothy Potter 
> Sent: Wednesday, December 15, 2021 9:19 PM
> To: lucene dev 
> Subject: Re: [VOTE] Release Lucene/Solr 8.11.1 RC1
> 
> Anyone try manually launching the RC on Windows? There's a change to
> bin/solr.cmd in this release. I tested before I committed but always
> good to re-test with the RC just in case.
> 
> Tim
> 
> On Wed, Dec 15, 2021 at 12:30 PM Dawid Weiss 
> wrote:
> >
> > SUCCESS! [0:56:37.756257]
> >
> > +1
> >
> > On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl 
> wrote:
> > >
> > > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> > >
> > > The artifacts can be downloaded from:
> > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> rev0b002b11819df70783e83ef36b42ed1223c14b50
> > >
> > > You can run the smoke tester directly (from a fresh branch_8_11 checkout),
> with this command:
> > >
> > > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> rev0b002b11819df70783e83ef36b42ed1223c14b50
> > >
> > > The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 
> > > UTC.
> > >
> > > [ ] +1  approve
> > > [ ] +0  no opinion
> > > [ ] -1  disapprove (and reason why)
> > >
> > > Here is my +1
> > >
> > > SUCCESS! [0:54:56.979538]
> > >
> > > NOTE: You must run the smoke tester from latest commit on branch_8_11,
> since my surname contains a unicode-character, needing a fix in the gpg
> command ran by the smoketester.
> > > -
> > > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > > For additional commands, e-mail: dev-h...@lucene.apache.org
> > >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Timothy Potter

Anyone try manually launching the RC on Windows? There's a change to
bin/solr.cmd in this release. I tested before I committed but always
good to re-test with the RC just in case.

Tim

On Wed, Dec 15, 2021 at 12:30 PM Dawid Weiss  wrote:
>
> SUCCESS! [0:56:37.756257]
>
> +1
>
> On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl  wrote:
> >
> > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> >
> > The artifacts can be downloaded from:
> > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
> >
> > You can run the smoke tester directly (from a fresh branch_8_11 checkout), 
> > with this command:
> >
> > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
> >
> > The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 UTC.
> >
> > [ ] +1  approve
> > [ ] +0  no opinion
> > [ ] -1  disapprove (and reason why)
> >
> > Here is my +1
> >
> > SUCCESS! [0:54:56.979538]
> >
> > NOTE: You must run the smoke tester from latest commit on branch_8_11, 
> > since my surname contains a unicode-character, needing a fix in the gpg 
> > command ran by the smoketester.
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Re: [VOTE] Release PyLucene 8.11.0 rc2

2021-12-15 Thread Andi Vajda




This vote has passed !
Thank you all who voted.
The PyLucene 8.11.0 release artifacts should be available shortly.

Andi..

On Fri, 10 Dec 2021, Andi Vajda wrote:



The rc1 vote failed because of a bug fix in JCC that helps with detecting
the Temurin JDK - available from https://adoptium.net.
IIUC, the Temurin JDK supercedes AdoptOpenJDK.

Please vote on PyLucene 8.11.0 rc2 instead. These release artifacts were 
built

and tested with Temurin JDK 17.

  

The PyLucene 8.11.0 (rc2) release tracking the recent release of
Apache Lucene 8.11.0 is ready.

This should be the last of the PyLucene 8.x releases (!) since Lucene 9.0 is 
now available.


A release candidate is available from:
 https://dist.apache.org/repos/dist/dev/lucene/pylucene/8.11.0-rc2/

PyLucene 8.11.0 is built with JCC 3.11, included in these release artifacts.

JCC 3.11 supports Python 3.3 up to Python 3.9 (in addition to Python 2.3+).
JCC 3.11 supports building PyLucene with JDK 17 Apple M1.
PyLucene may be built with Python 2 or Python 3.

Please vote to release these artifacts as PyLucene 8.11.0.
Anyone interested in this release can and should vote !

Thanks !

Andi..

ps: the KEYS file for PyLucene release signing is at:
https://dist.apache.org/repos/dist/release/lucene/pylucene/KEYS
https://dist.apache.org/repos/dist/dev/lucene/pylucene/KEYS

pps: here is my +1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Dawid Weiss

SUCCESS! [0:56:37.756257]

+1

On Tue, Dec 14, 2021 at 3:36 PM Jan Høydahl  wrote:
>
> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>
> The artifacts can be downloaded from:
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> You can run the smoke tester directly (from a fresh branch_8_11 checkout), 
> with this command:
>
> python3 -u dev-tools/scripts/smokeTestRelease.py \
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>
> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 UTC.
>
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
>
> Here is my +1
>
> SUCCESS! [0:54:56.979538]
>
> NOTE: You must run the smoke tester from latest commit on branch_8_11, since 
> my surname contains a unicode-character, needing a fix in the gpg command ran 
> by the smoketester.
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

RE: Log4j < 2.15.0 may still be vulnerable even if -Dlog4j2.formatMsgNoLookups=true is set

2021-12-15 Thread Uwe Schindler

Hi all, I prepared a PR about the followup CVE-2021-45046: 
https://github.com/apache/solr-site/pull/59

 

Please verify and make suggestion. I will merge this into main/production later.

 

Uwe

 

-

Uwe Schindler

Achterdiek 19, D-28357 Bremen

https://www.thetaphi.de

eMail: u...@thetaphi.de

 

From: Uwe Schindler  
Sent: Wednesday, December 15, 2021 3:31 PM
To: 'dev@lucene.apache.org' 
Subject: RE: Log4j < 2.15.0 may still be vulnerable even if 
-Dlog4j2.formatMsgNoLookups=true is set

 

We should add this to the webpage. Another one asked on the security mailing 
list.

 

Uwe

 

-

Uwe Schindler

Achterdiek 19, D-28357 Bremen

https://www.thetaphi.de

eMail: u...@thetaphi.de  

 

From: Gus Heck mailto:gus.h...@gmail.com> > 
Sent: Wednesday, December 15, 2021 12:39 AM
To: dev mailto:dev@lucene.apache.org> >
Subject: Re: Log4j < 2.15.0 may still be vulnerable even if 
-Dlog4j2.formatMsgNoLookups=true is set

 

Perhaps we could tweak it to say that the system property fix is sufficient 
*for Solr* (i.e. not imply that it is a valid work around for all cases)

 

On Tue, Dec 14, 2021 at 6:20 PM Uwe Schindler mailto:u...@thetaphi.de> > wrote:

The other attack vectors are also not possible with Solr:

- Logger.printf("%s", userInput) is not used
- custom message factory is not used

Uwe

Am 14. Dezember 2021 22:59:26 UTC schrieb Uwe Schindler mailto:u...@thetaphi.de> >:

It is still a valid mitigation.

Mike Drobban I explained it. MDC is the other attack vector and that's not an 
issue with Solr.

Please accept this, just because the documentation of log4j changes, there's no 
additional risk. We may update the mitigation to mention that in Solr's case 
the system property is fine.

Uwe

Am 14. Dezember 2021 22:52:29 UTC schrieb solr mailto:fred...@rodland.no> >:

Ok.

But FTR - apache/log4j has discredited just setting the system property as a 
mitigation measure, so I still think the SOLR security-page should be changed 
to not list this as a valid mitigation:

https://logging.apache.org/log4j/2.x/security.html
"Older (discredited) mitigation measures

This page previously mentioned other mitigation measures, but we discovered 
that these measures only limit exposure while leaving some attack vectors open.

Other insufficient mitigation measures are: setting system property 
log4j2.formatMsgNoLookups or environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS 
to true for releases >= 2.10, or modifying the logging configuration to disable 
message lookups with %m{nolookups}, %msg{nolookups} or %message{nolookups} for 
releases >= 2.7 and <= 2.14.1.
“

Regards,


Fredrik


--
Fredrik Rødland   Cell:+47 99 21 98 17
Maisen Pedersens vei 1Twitter: @fredrikr
NO-1363 Høvik, NORWAY flickr:  http://www.flickr.com/fmmr/
http://rodland.no about.me   http://about.me/fmr



On 14 Dec 2021, at 23:44, Mike Drob mailto:md...@mdrob.com> > 
wrote:

The MDC Patterns used by solr are for the collection, shard, replica, core and 
node names, and a potential trace id. All of those are restricted to 
alphanumeric, no special characters like $ or { needed for the injection. And 
trying to access a collection that didn’t exist Returns 404 without logging.

Upgrading is always going to be more complete, but I think we’re still ok for 
now, at least until the next iteration of this attack surfaces.



On Tue, Dec 14, 2021 at 3:37 PM solr mailto:fred...@rodland.no> > wrote:
Only setting -Dlog4j2.formatMsgNoLookups=true might not be enough to mitigate 
the log4j vulnerability.

See https://github.com/kmindi/log4shell-vulnerable-app
“So even with LOG4J_FORMAT_MSG_NO_LOOKUPS true version 2.14.1 of log4j is 
vulnerable when using ThreadContextMap in PatternLayout.”

ThreadContext.put(key, value) is used under the hood by MDC.  I’m not sure 
wether any user-input is actually stored in MDC in SOLR.


Probably this should be updated: 
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228

And maybe consider releasing patch releases for other versions than 8.11 as 
well which includes log4j 2.16.0?



Regards,


Fredrik


--
Fredrik Rødland   Cell:+47 99 21 98 17
Maisen Pedersens vei 1Twitter: @fredrikr
NO-1363 Høvik, NORWAY flickr:  http://www.flickr.com/fmmr/
http://rodland.no about.me   http://about.me/fmr


  _  

To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
 
For additional commands, e-mail: dev-h...@lucene.apache.org 
 



  _  

To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
 
For additional commands, e-mail: dev-h...@lucene.apache.org 
 

--
Uwe Schindler
Achterdiek 19, 28357 Bremen
https://www.thetaphi.de

--
Uwe Schindler
Achterdiek 19, 28357 Bremen

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Gus Heck

+1 (binding)

smoke tester pass, local 4 node cluster started via cloud.sh (-r to build
from local check out of 0b002b11819df70783e83ef36b42ed1223c14b50) created 2
collections added one doc to each, queried each and both via an alias.

On Wed, Dec 15, 2021 at 11:17 AM Jan Høydahl  wrote:

> I think ASF allows exception to the 72h voting rule for urgent fixes. The
> current vote result is 7 "+1" and no "-1". So if we figure out how to
> trigger that exception we could push it e.g. tomorrow instad of Friday?
>
> Jan
>
> > 15. des. 2021 kl. 15:29 skrev Uwe Schindler :
> >
> > Hi,
> >
> > Policeman Jenkins tested the relaese with Smoketester:
> >
> > SUCCESS! [1:28:23.237262]
> > Finished: SUCCESS
> >
> >
> https://jenkins.thetaphi.de/job/Lucene-Solr-8.x-Release-Tester/38/console
> >
> > I did not do futher checks, I just want to get the release out soon!
> Thanks
> > to Jan to do the release so fast.
> >
> > In the release notes of Lucene we should just mention that log4j was
> updated
> > (Luke and possibly Replicator). A changes entry was forgotten, but that's
> > not urgent.
> >
> > So here's my +1
> > Uwe
> >
> > -
> > Uwe Schindler
> > Achterdiek 19, D-28357 Bremen
> > https://www.thetaphi.de
> > eMail: u...@thetaphi.de
> >
> >> -Original Message-
> >> From: Jan Høydahl 
> >> Sent: Tuesday, December 14, 2021 3:36 PM
> >> To: Lucene Dev 
> >> Subject: [VOTE] Release Lucene/Solr 8.11.1 RC1
> >>
> >> Please vote for release candidate 1 for Lucene/Solr 8.11.1
> >>
> >> The artifacts can be downloaded from:
> >> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> >> rev0b002b11819df70783e83ef36b42ed1223c14b50
> >>
> >> You can run the smoke tester directly (from a fresh branch_8_11
> checkout),
> >> with this command:
> >>
> >> python3 -u dev-tools/scripts/smokeTestRelease.py \
> >> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> >> rev0b002b11819df70783e83ef36b42ed1223c14b50
> >>
> >> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
> > UTC.
> >>
> >> [ ] +1  approve
> >> [ ] +0  no opinion
> >> [ ] -1  disapprove (and reason why)
> >>
> >> Here is my +1
> >>
> >> SUCCESS! [0:54:56.979538]
> >>
> >> NOTE: You must run the smoke tester from latest commit on branch_8_11,
> >> since my surname contains a unicode-character, needing a fix in the gpg
> >> command ran by the smoketester.
> >> -
> >> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> >> For additional commands, e-mail: dev-h...@lucene.apache.org
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>
>

-- 
http://www.needhamsoftware.com (work)
http://www.the111shift.com (play)

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread David Smiley

+1

SUCCESS! [1:27:33.004868]


~ David Smiley
Apache Lucene/Solr Search Developer
http://www.linkedin.com/in/davidwsmiley


On Wed, Dec 15, 2021 at 11:17 AM Jan Høydahl  wrote:

> I think ASF allows exception to the 72h voting rule for urgent fixes. The
> current vote result is 7 "+1" and no "-1". So if we figure out how to
> trigger that exception we could push it e.g. tomorrow instad of Friday?
>
> Jan
>
> > 15. des. 2021 kl. 15:29 skrev Uwe Schindler :
> >
> > Hi,
> >
> > Policeman Jenkins tested the relaese with Smoketester:
> >
> > SUCCESS! [1:28:23.237262]
> > Finished: SUCCESS
> >
> >
> https://jenkins.thetaphi.de/job/Lucene-Solr-8.x-Release-Tester/38/console
> >
> > I did not do futher checks, I just want to get the release out soon!
> Thanks
> > to Jan to do the release so fast.
> >
> > In the release notes of Lucene we should just mention that log4j was
> updated
> > (Luke and possibly Replicator). A changes entry was forgotten, but that's
> > not urgent.
> >
> > So here's my +1
> > Uwe
> >
> > -
> > Uwe Schindler
> > Achterdiek 19, D-28357 Bremen
> > https://www.thetaphi.de
> > eMail: u...@thetaphi.de
> >
> >> -Original Message-
> >> From: Jan Høydahl 
> >> Sent: Tuesday, December 14, 2021 3:36 PM
> >> To: Lucene Dev 
> >> Subject: [VOTE] Release Lucene/Solr 8.11.1 RC1
> >>
> >> Please vote for release candidate 1 for Lucene/Solr 8.11.1
> >>
> >> The artifacts can be downloaded from:
> >> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> >> rev0b002b11819df70783e83ef36b42ed1223c14b50
> >>
> >> You can run the smoke tester directly (from a fresh branch_8_11
> checkout),
> >> with this command:
> >>
> >> python3 -u dev-tools/scripts/smokeTestRelease.py \
> >> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> >> rev0b002b11819df70783e83ef36b42ed1223c14b50
> >>
> >> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
> > UTC.
> >>
> >> [ ] +1  approve
> >> [ ] +0  no opinion
> >> [ ] -1  disapprove (and reason why)
> >>
> >> Here is my +1
> >>
> >> SUCCESS! [0:54:56.979538]
> >>
> >> NOTE: You must run the smoke tester from latest commit on branch_8_11,
> >> since my surname contains a unicode-character, needing a fix in the gpg
> >> command ran by the smoketester.
> >> -
> >> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> >> For additional commands, e-mail: dev-h...@lucene.apache.org
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> > For additional commands, e-mail: dev-h...@lucene.apache.org
> >
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
>
>

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Jan Høydahl

I think ASF allows exception to the 72h voting rule for urgent fixes. The 
current vote result is 7 "+1" and no "-1". So if we figure out how to trigger 
that exception we could push it e.g. tomorrow instad of Friday?

Jan

> 15. des. 2021 kl. 15:29 skrev Uwe Schindler :
> 
> Hi,
> 
> Policeman Jenkins tested the relaese with Smoketester:
> 
> SUCCESS! [1:28:23.237262]
> Finished: SUCCESS
> 
> https://jenkins.thetaphi.de/job/Lucene-Solr-8.x-Release-Tester/38/console
> 
> I did not do futher checks, I just want to get the release out soon! Thanks
> to Jan to do the release so fast.
> 
> In the release notes of Lucene we should just mention that log4j was updated
> (Luke and possibly Replicator). A changes entry was forgotten, but that's
> not urgent.
> 
> So here's my +1
> Uwe
> 
> -
> Uwe Schindler
> Achterdiek 19, D-28357 Bremen
> https://www.thetaphi.de
> eMail: u...@thetaphi.de
> 
>> -Original Message-
>> From: Jan Høydahl 
>> Sent: Tuesday, December 14, 2021 3:36 PM
>> To: Lucene Dev 
>> Subject: [VOTE] Release Lucene/Solr 8.11.1 RC1
>> 
>> Please vote for release candidate 1 for Lucene/Solr 8.11.1
>> 
>> The artifacts can be downloaded from:
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
>> rev0b002b11819df70783e83ef36b42ed1223c14b50
>> 
>> You can run the smoke tester directly (from a fresh branch_8_11 checkout),
>> with this command:
>> 
>> python3 -u dev-tools/scripts/smokeTestRelease.py \
>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
>> rev0b002b11819df70783e83ef36b42ed1223c14b50
>> 
>> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
> UTC.
>> 
>> [ ] +1  approve
>> [ ] +0  no opinion
>> [ ] -1  disapprove (and reason why)
>> 
>> Here is my +1
>> 
>> SUCCESS! [0:54:56.979538]
>> 
>> NOTE: You must run the smoke tester from latest commit on branch_8_11,
>> since my surname contains a unicode-character, needing a fix in the gpg
>> command ran by the smoketester.
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
>> For additional commands, e-mail: dev-h...@lucene.apache.org
> 
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

RE: Log4j < 2.15.0 may still be vulnerable even if -Dlog4j2.formatMsgNoLookups=true is set

2021-12-15 Thread Uwe Schindler

We should add this to the webpage. Another one asked on the security mailing 
list.

 

Uwe

 

-

Uwe Schindler

Achterdiek 19, D-28357 Bremen

https://www.thetaphi.de

eMail: u...@thetaphi.de

 

From: Gus Heck  
Sent: Wednesday, December 15, 2021 12:39 AM
To: dev 
Subject: Re: Log4j < 2.15.0 may still be vulnerable even if 
-Dlog4j2.formatMsgNoLookups=true is set

 

Perhaps we could tweak it to say that the system property fix is sufficient 
*for Solr* (i.e. not imply that it is a valid work around for all cases)

 

On Tue, Dec 14, 2021 at 6:20 PM Uwe Schindler mailto:u...@thetaphi.de> > wrote:

The other attack vectors are also not possible with Solr:

- Logger.printf("%s", userInput) is not used
- custom message factory is not used

Uwe

Am 14. Dezember 2021 22:59:26 UTC schrieb Uwe Schindler mailto:u...@thetaphi.de> >:

It is still a valid mitigation.

Mike Drobban I explained it. MDC is the other attack vector and that's not an 
issue with Solr.

Please accept this, just because the documentation of log4j changes, there's no 
additional risk. We may update the mitigation to mention that in Solr's case 
the system property is fine.

Uwe

Am 14. Dezember 2021 22:52:29 UTC schrieb solr mailto:fred...@rodland.no> >:

Ok.

But FTR - apache/log4j has discredited just setting the system property as a 
mitigation measure, so I still think the SOLR security-page should be changed 
to not list this as a valid mitigation:

https://logging.apache.org/log4j/2.x/security.html
"Older (discredited) mitigation measures

This page previously mentioned other mitigation measures, but we discovered 
that these measures only limit exposure while leaving some attack vectors open.

Other insufficient mitigation measures are: setting system property 
log4j2.formatMsgNoLookups or environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS 
to true for releases >= 2.10, or modifying the logging configuration to disable 
message lookups with %m{nolookups}, %msg{nolookups} or %message{nolookups} for 
releases >= 2.7 and <= 2.14.1.
“

Regards,


Fredrik


--
Fredrik Rødland   Cell:+47 99 21 98 17
Maisen Pedersens vei 1Twitter: @fredrikr
NO-1363 Høvik, NORWAY flickr:  http://www.flickr.com/fmmr/
http://rodland.no about.me   http://about.me/fmr




On 14 Dec 2021, at 23:44, Mike Drob mailto:md...@mdrob.com> > 
wrote:

The MDC Patterns used by solr are for the collection, shard, replica, core and 
node names, and a potential trace id. All of those are restricted to 
alphanumeric, no special characters like $ or { needed for the injection. And 
trying to access a collection that didn’t exist Returns 404 without logging.

Upgrading is always going to be more complete, but I think we’re still ok for 
now, at least until the next iteration of this attack surfaces.



On Tue, Dec 14, 2021 at 3:37 PM solr mailto:fred...@rodland.no> > wrote:
Only setting -Dlog4j2.formatMsgNoLookups=true might not be enough to mitigate 
the log4j vulnerability.

See https://github.com/kmindi/log4shell-vulnerable-app
“So even with LOG4J_FORMAT_MSG_NO_LOOKUPS true version 2.14.1 of log4j is 
vulnerable when using ThreadContextMap in PatternLayout.”

ThreadContext.put(key, value) is used under the hood by MDC.  I’m not sure 
wether any user-input is actually stored in MDC in SOLR.


Probably this should be updated: 
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228

And maybe consider releasing patch releases for other versions than 8.11 as 
well which includes log4j 2.16.0?



Regards,


Fredrik


--
Fredrik Rødland   Cell:+47 99 21 98 17
Maisen Pedersens vei 1Twitter: @fredrikr
NO-1363 Høvik, NORWAY flickr:  http://www.flickr.com/fmmr/
http://rodland.no about.me   http://about.me/fmr


  _  

To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
 
For additional commands, e-mail: dev-h...@lucene.apache.org 
 



  _  

To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
 
For additional commands, e-mail: dev-h...@lucene.apache.org 
 

--
Uwe Schindler
Achterdiek 19, 28357 Bremen
https://www.thetaphi.de

--
Uwe Schindler
Achterdiek 19, 28357 Bremen
https://www.thetaphi.de




 

-- 

http://www.needhamsoftware.com (work)

http://www.the111shift.com (play)

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Uwe Schindler

Hi,

Policeman Jenkins tested the relaese with Smoketester:

SUCCESS! [1:28:23.237262]
Finished: SUCCESS

https://jenkins.thetaphi.de/job/Lucene-Solr-8.x-Release-Tester/38/console

I did not do futher checks, I just want to get the release out soon! Thanks
to Jan to do the release so fast.

In the release notes of Lucene we should just mention that log4j was updated
(Luke and possibly Replicator). A changes entry was forgotten, but that's
not urgent.

So here's my +1
Uwe

-
Uwe Schindler
Achterdiek 19, D-28357 Bremen
https://www.thetaphi.de
eMail: u...@thetaphi.de

> -Original Message-
> From: Jan Høydahl 
> Sent: Tuesday, December 14, 2021 3:36 PM
> To: Lucene Dev 
> Subject: [VOTE] Release Lucene/Solr 8.11.1 RC1
> 
> Please vote for release candidate 1 for Lucene/Solr 8.11.1
> 
> The artifacts can be downloaded from:
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> rev0b002b11819df70783e83ef36b42ed1223c14b50
> 
> You can run the smoke tester directly (from a fresh branch_8_11 checkout),
> with this command:
> 
> python3 -u dev-tools/scripts/smokeTestRelease.py \
> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-
> rev0b002b11819df70783e83ef36b42ed1223c14b50
> 
> The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00
UTC.
> 
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)
> 
> Here is my +1
> 
> SUCCESS! [0:54:56.979538]
> 
> NOTE: You must run the smoke tester from latest commit on branch_8_11,
> since my surname contains a unicode-character, needing a fix in the gpg
> command ran by the smoketester.
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Jan Høydahl

If anyone wants to test RC1 in Docker or solr-operator, here is an image: 
cominvent/solr:8.11.1-rc1 

Example:

  docker run --rm -p 8983:8983 cominvent/solr:8.11.1-rc1 -c

Jan

> 15. des. 2021 kl. 13:17 skrev Michael McCandless :
> 
> +1 from me from smoke test result:
> 
> SUCCESS! [0:43:56.320467]
> 
> It failed the first time with this failure, but I re-ran and succeeded above:
> 
>[junit4] Suite: org.apache.solr.security.JWTIssuerConfigTest
>[junit4]   2> 996270 INFO  
> (SUITE-JWTIssuerConfigTest-seed#[6DC363670E25C70C]-worker) [ ] 
> o.a.s.SolrTestCase Setting 'solr.default.confdir' system property to 
> test-framework derived value of '/tmp/smoke_l\
> ucene_8.11.1_0b002b11819df70783e83ef36b42ed1223c14b50/unpack/solr-8.11.1/solr/server/solr/configsets/_default/conf'
>[junit4]   2> NOTE: reproduce with: ant test  
> -Dtestcase=JWTIssuerConfigTest -Dtests.method=jwksUrlwithHttpBehaviors 
> -Dtests.seed=6DC363670E25C70C -Dtests.locale=da-DK 
> -Dtests.timezone=Europe/Isle_of_Man -Dte\
> sts.asserts=true -Dtests.file.encoding=UTF-8
>[junit4] FAILURE 0.01s J0 | JWTIssuerConfigTest.jwksUrlwithHttpBehaviors 
> <<<
>[junit4]> Throwable #1: junit.framework.AssertionFailedError: Expected 
> exception SolrException but no exception was thrown
>[junit4]>at 
> __randomizedtesting.SeedInfo.seed([6DC363670E25C70C:2678FED260C5F46]:0)
>[junit4]>at 
> org.apache.lucene.util.LuceneTestCase.expectThrows(LuceneTestCase.java:2759)
>[junit4]>at 
> org.apache.lucene.util.LuceneTestCase.expectThrows(LuceneTestCase.java:2749)
>[junit4]>at 
> org.apache.solr.security.JWTIssuerConfigTest.jwksUrlwithHttpBehaviors(JWTIssuerConfigTest.java:145)
>[junit4]>at java.lang.Thread.run(Thread.java:748)
>[junit4]   2> NOTE: test params are: codec=Asserting(Lucene87): {}, 
> docValues:{}, maxPointsInLeafNode=412, maxMBSortInHeap=5.443718473632918, 
> sim=Asserting(RandomSimilarity(queryNorm=true): {}), locale=da-DK,\
>  timezone=Europe/Isle_of_Man
>[junit4]   2> NOTE: Linux 5.14.12-arch1-1 amd64/Oracle Corporation 
> 1.8.0_251 (64-bit)/cpus=128,threads=1,free=134208904,total=508035072
> 
> Mike McCandless
> 
> http://blog.mikemccandless.com 
> 
> On Tue, Dec 14, 2021 at 11:51 PM Ishan Chattopadhyaya 
> mailto:ichattopadhy...@gmail.com>> wrote:
> Ran the smoke tested, and it passed.
> 
> SUCCESS! [1:21:47.769507]
> 
> +1
> 
> On Wed, Dec 15, 2021 at 9:28 AM Mike Drob  > wrote:
> +1 (binding)
> 
> ran smoke tester - unit tests passed the first time but timed out downloading 
> artifacts from maven. reran a second time, modifying the smoke test script to 
> not run solr tests (again) and the script passed.
> 
> started up a solr server from the unpacked download and verified it against a 
> few log4j injections, server responded appropriately each time
> 
> manually verified a few of the other bugs having been fixed going into 8.11.1
> 
> SUCCESS! [0:35:37.290016]
> 
> On Tue, Dec 14, 2021 at 7:24 PM Timothy Potter  > wrote:
> +1 (binding) ~ just ran smoke tester this time
> 
> SUCCESS! [1:16:20.247006]
> 
> On Tue, Dec 14, 2021 at 7:36 AM Jan Høydahl  > wrote:
> >
> > Please vote for release candidate 1 for Lucene/Solr 8.11.1
> >
> > The artifacts can be downloaded from:
> > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
> >  
> > 
> >
> > You can run the smoke tester directly (from a fresh branch_8_11 checkout), 
> > with this command:
> >
> > python3 -u dev-tools/scripts/smokeTestRelease.py \
> > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
> >  
> > 
> >
> > The vote will be open for at least 72 hours i.e. until 2021-12-17 15:00 UTC.
> >
> > [ ] +1  approve
> > [ ] +0  no opinion
> > [ ] -1  disapprove (and reason why)
> >
> > Here is my +1
> >
> > SUCCESS! [0:54:56.979538]
> >
> > NOTE: You must run the smoke tester from latest commit on branch_8_11, 
> > since my surname contains a unicode-character, needing a fix in the gpg 
> > command ran by the smoketester.
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
> > 
> > For additional commands, e-mail: dev-h...@lucene.apache.org 
> > 
> >
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org 
> 
> For additional

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

2021-12-15 Thread Michael McCandless

+1 from me from smoke test result:


SUCCESS! [0:43:56.320467]

It failed the first time with this failure, but I re-ran and succeeded
above:

   [junit4] Suite: org.apache.solr.security.JWTIssuerConfigTest

   [junit4]   2> 996270 INFO
(SUITE-JWTIssuerConfigTest-seed#[6DC363670E25C70C]-worker)
[ ] o.a.s.SolrTestCase Setting 'solr.default.confdir' system property
to test-framework derived value of '/tmp/smoke_l\

ucene_8.11.1_0b002b11819df70783e83ef36b42ed1223c14b50/unpack/solr-8.11.1/solr/server/solr/configsets/_default/conf'

   [junit4]   2> NOTE: reproduce with: ant test  -Dtestcase=JWTIssuerConfigTest
-Dtests.method=jwksUrlwithHttpBehaviors -Dtests.seed=6DC363670E25C70C
-Dtests.locale=da-DK -Dtests.timezone=Europe/Isle_of_Man -Dte\

sts.asserts=true -Dtests.file.encoding=UTF-8

   [junit4] FAILURE 0.01s J0 | JWTIssuerConfigTest.jwksUrlwithHttpBehaviors
<<<

   [junit4]> Throwable #1: junit.framework.AssertionFailedError:
Expected exception SolrException but no exception was thrown

   [junit4]>at
__randomizedtesting.SeedInfo.seed([6DC363670E25C70C:2678FED260C5F46]:0)

   [junit4]>at
org.apache.lucene.util.LuceneTestCase.expectThrows(LuceneTestCase.java:2759)

   [junit4]>at
org.apache.lucene.util.LuceneTestCase.expectThrows(LuceneTestCase.java:2749)

   [junit4]>at
org.apache.solr.security.JWTIssuerConfigTest.jwksUrlwithHttpBehaviors(JWTIssuerConfigTest.java:145)

   [junit4]>at java.lang.Thread.run(Thread.java:748)

   [junit4]   2> NOTE: test params are: codec=Asserting(Lucene87): {},
docValues:{}, maxPointsInLeafNode=412, maxMBSortInHeap=5.443718473632918,
sim=Asserting(RandomSimilarity(queryNorm=true): {}), locale=da-DK,\

 timezone=Europe/Isle_of_Man

   [junit4]   2> NOTE: Linux 5.14.12-arch1-1 amd64/Oracle Corporation
1.8.0_251 (64-bit)/cpus=128,threads=1,free=134208904,total=508035072

Mike McCandless

http://blog.mikemccandless.com


On Tue, Dec 14, 2021 at 11:51 PM Ishan Chattopadhyaya <
ichattopadhy...@gmail.com> wrote:

> Ran the smoke tested, and it passed.
>
> SUCCESS! [1:21:47.769507]
>
> +1
>
> On Wed, Dec 15, 2021 at 9:28 AM Mike Drob  wrote:
>
>> +1 (binding)
>>
>> ran smoke tester - unit tests passed the first time but timed out
>> downloading artifacts from maven. reran a second time, modifying the smoke
>> test script to not run solr tests (again) and the script passed.
>>
>> started up a solr server from the unpacked download and verified it
>> against a few log4j injections, server responded appropriately each time
>>
>> manually verified a few of the other bugs having been fixed going into
>> 8.11.1
>>
>> SUCCESS! [0:35:37.290016]
>>
>> On Tue, Dec 14, 2021 at 7:24 PM Timothy Potter 
>> wrote:
>>
>>> +1 (binding) ~ just ran smoke tester this time
>>>
>>> SUCCESS! [1:16:20.247006]
>>>
>>> On Tue, Dec 14, 2021 at 7:36 AM Jan Høydahl 
>>> wrote:
>>> >
>>> > Please vote for release candidate 1 for Lucene/Solr 8.11.1
>>> >
>>> > The artifacts can be downloaded from:
>>> >
>>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>> >
>>> > You can run the smoke tester directly (from a fresh branch_8_11
>>> checkout), with this command:
>>> >
>>> > python3 -u dev-tools/scripts/smokeTestRelease.py \
>>> >
>>> https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-8.11.1-RC1-rev0b002b11819df70783e83ef36b42ed1223c14b50
>>> >
>>> > The vote will be open for at least 72 hours i.e. until 2021-12-17
>>> 15:00 UTC.
>>> >
>>> > [ ] +1  approve
>>> > [ ] +0  no opinion
>>> > [ ] -1  disapprove (and reason why)
>>> >
>>> > Here is my +1
>>> >
>>> > SUCCESS! [0:54:56.979538]
>>> >
>>> > NOTE: You must run the smoke tester from latest commit on branch_8_11,
>>> since my surname contains a unicode-character, needing a fix in the gpg
>>> command ran by the smoketester.
>>> > -
>>> > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
>>> > For additional commands, e-mail: dev-h...@lucene.apache.org
>>> >
>>>
>>> -
>>> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
>>> For additional commands, e-mail: dev-h...@lucene.apache.org
>>>
>>>

Re: Article link at Lucene FAQ does not exist anymore

2021-12-15 Thread Michael Wechner


I have removed it now :-)

Am 22.11.21 um 18:18 schrieb Michael Wechner:

Hi

The QnA

https://cwiki.apache.org/confluence/display/lucene/lucenefaq#LuceneFAQ-HowcanIindexXMLdocuments?

is pointing to (See also this article Parsing, indexing, and searching 
XML with Digester and Lucene 
.)


http://www-106.ibm.com/developerworks/library/j-lucene/

but this does not seem to exist anymore and one gets redirected to

https://developer.ibm.com/

I have found an old copy from 2003

https://web.archive.org/web/20030608074955/http://www-106.ibm.com/developerworks/library/j-lucene/

but I guess it does not really make sense to still link this, right?

Thanks

Michael

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release PyLucene 8.11.0 rc2

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

RE: Log4j < 2.15.0 may still be vulnerable even if -Dlog4j2.formatMsgNoLookups=true is set

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

RE: Log4j < 2.15.0 may still be vulnerable even if -Dlog4j2.formatMsgNoLookups=true is set

RE: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: [VOTE] Release Lucene/Solr 8.11.1 RC1

Re: Article link at Lucene FAQ does not exist anymore

23 matches

Site Navigation

Mail list logo

Footer information