Re: [ANNOUNCE] Apache Solr 6.6.2 released

2017-10-18 Thread Ishan Chattopadhyaya 
You can now access them. Thanks for your patience and understanding.

On 18 Oct 2017 3:15 pm, "Ishan Chattopadhyaya" 
wrote:

> Hi Bernd,
>
> > I get something like "permissionViolation=true", even after login!!!
> This is due to the security sensitive nature of those issues. Only PMC
> members have access to those issues at the moment.
> Please revisit those issues after Solr 5.5.5 release to see if you can
> access them.
>
> > Is SOLR going to be closed source?
> No
>
> > Do we have to pay for seeing the issues? ;-)
> No
>
> Regards,
> Ishan
>
>
> On Wed, Oct 18, 2017 at 2:23 PM, Bernd Fehling <
> bernd.fehl...@uni-bielefeld.de> wrote:
>
>> Thanks,
>> but I tried to access the mentioned issues of
>> https://lucene.apache.org/solr/6_6_2/changes/Changes.html
>>
>> https://issues.apache.org/jira/browse/SOLR-11477
>> https://issues.apache.org/jira/browse/SOLR-11482
>>
>> I get something like "permissionViolation=true", even after login!!!
>>
>> Is SOLR going to be closed source?
>>
>> Do we have to pay for seeing the issues? ;-)
>>
>> Regards
>> Bernd
>>
>>
>> Am 18.10.2017 um 10:29 schrieb Ishan Chattopadhyaya:
>> > 18 October 2017, Apache Solr™ 6.6.2 available
>> >
>> > The Lucene PMC is pleased to announce the release of Apache Solr 6.6.2
>> >
>> > Solr is the popular, blazing fast, open source NoSQL search platform
>> from
>> > the
>> > Apache Lucene project. Its major features include powerful full-text
>> > search,
>> > hit highlighting, faceted search and analytics, rich document parsing,
>> > geospatial search, extensive REST APIs as well as parallel SQL. Solr is
>> > enterprise grade, secure and highly scalable, providing fault tolerant
>> > distributed search and indexing, and powers the search and navigation
>> > features
>> > of many of the world's largest internet sites.
>> >
>> > This release includes a critical security fix and a bugfix. Details:
>> >
>> > * Fix for a 0-day exploit (CVE-2017-12629), details:
>> > https://s.apache.org/FJDl.
>> >   RunExecutableListener has been disabled by default (can be enabled by
>> >   -Dsolr.enableRunExecutableListener=true) and resolving external
>> entities
>> > in
>> >   the XML query parser (defType=xmlparser or {!xmlparser ... }) is
>> disabled
>> > by
>> >   default.
>> >
>> > * Fix a bug where Solr was attempting to load the same core twice (Error
>> > message:
>> >   "Lock held by this virtual machine").
>> >
>> > Furthermore, this release includes Apache Lucene 6.6.2 which includes
>> one
>> > security
>> > fix since the 6.6.1 release.
>> >
>> > The release is available for immediate download at:
>> >
>> >   http://www.apache.org/dyn/closer.lua/lucene/solr/6.6.2
>> >
>> > Please read CHANGES.txt for a detailed list of changes:
>> >
>> >   https://lucene.apache.org/solr/6_6_2/changes/Changes.html
>> >
>> > Please report any feedback to the mailing lists
>> > (http://lucene.apache.org/solr/discussion.html)
>> >
>> > Note: The Apache Software Foundation uses an extensive mirroring
>> > network for distributing releases. It is possible that the mirror you
>> > are using may not have replicated the release yet. If that is the
>> > case, please try another mirror. This also goes for Maven access.
>> >
>>
>
>

Re: [ANNOUNCE] Apache Solr 6.6.2 released

2017-10-18 Thread Ishan Chattopadhyaya 
Hi Bernd,

> I get something like "permissionViolation=true", even after login!!!
This is due to the security sensitive nature of those issues. Only PMC
members have access to those issues at the moment.
Please revisit those issues after Solr 5.5.5 release to see if you can
access them.

> Is SOLR going to be closed source?
No

> Do we have to pay for seeing the issues? ;-)
No

Regards,
Ishan


On Wed, Oct 18, 2017 at 2:23 PM, Bernd Fehling <
bernd.fehl...@uni-bielefeld.de> wrote:

> Thanks,
> but I tried to access the mentioned issues of
> https://lucene.apache.org/solr/6_6_2/changes/Changes.html
>
> https://issues.apache.org/jira/browse/SOLR-11477
> https://issues.apache.org/jira/browse/SOLR-11482
>
> I get something like "permissionViolation=true", even after login!!!
>
> Is SOLR going to be closed source?
>
> Do we have to pay for seeing the issues? ;-)
>
> Regards
> Bernd
>
>
> Am 18.10.2017 um 10:29 schrieb Ishan Chattopadhyaya:
> > 18 October 2017, Apache Solr™ 6.6.2 available
> >
> > The Lucene PMC is pleased to announce the release of Apache Solr 6.6.2
> >
> > Solr is the popular, blazing fast, open source NoSQL search platform from
> > the
> > Apache Lucene project. Its major features include powerful full-text
> > search,
> > hit highlighting, faceted search and analytics, rich document parsing,
> > geospatial search, extensive REST APIs as well as parallel SQL. Solr is
> > enterprise grade, secure and highly scalable, providing fault tolerant
> > distributed search and indexing, and powers the search and navigation
> > features
> > of many of the world's largest internet sites.
> >
> > This release includes a critical security fix and a bugfix. Details:
> >
> > * Fix for a 0-day exploit (CVE-2017-12629), details:
> > https://s.apache.org/FJDl.
> >   RunExecutableListener has been disabled by default (can be enabled by
> >   -Dsolr.enableRunExecutableListener=true) and resolving external
> entities
> > in
> >   the XML query parser (defType=xmlparser or {!xmlparser ... }) is
> disabled
> > by
> >   default.
> >
> > * Fix a bug where Solr was attempting to load the same core twice (Error
> > message:
> >   "Lock held by this virtual machine").
> >
> > Furthermore, this release includes Apache Lucene 6.6.2 which includes one
> > security
> > fix since the 6.6.1 release.
> >
> > The release is available for immediate download at:
> >
> >   http://www.apache.org/dyn/closer.lua/lucene/solr/6.6.2
> >
> > Please read CHANGES.txt for a detailed list of changes:
> >
> >   https://lucene.apache.org/solr/6_6_2/changes/Changes.html
> >
> > Please report any feedback to the mailing lists
> > (http://lucene.apache.org/solr/discussion.html)
> >
> > Note: The Apache Software Foundation uses an extensive mirroring
> > network for distributing releases. It is possible that the mirror you
> > are using may not have replicated the release yet. If that is the
> > case, please try another mirror. This also goes for Maven access.
> >
>

Re: [ANNOUNCE] Apache Solr 6.6.2 released

2017-10-18 Thread Bernd Fehling 
Thanks,
but I tried to access the mentioned issues of
https://lucene.apache.org/solr/6_6_2/changes/Changes.html

https://issues.apache.org/jira/browse/SOLR-11477
https://issues.apache.org/jira/browse/SOLR-11482

I get something like "permissionViolation=true", even after login!!!

Is SOLR going to be closed source?

Do we have to pay for seeing the issues? ;-)

Regards
Bernd


Am 18.10.2017 um 10:29 schrieb Ishan Chattopadhyaya:
> 18 October 2017, Apache Solr™ 6.6.2 available
> 
> The Lucene PMC is pleased to announce the release of Apache Solr 6.6.2
> 
> Solr is the popular, blazing fast, open source NoSQL search platform from
> the
> Apache Lucene project. Its major features include powerful full-text
> search,
> hit highlighting, faceted search and analytics, rich document parsing,
> geospatial search, extensive REST APIs as well as parallel SQL. Solr is
> enterprise grade, secure and highly scalable, providing fault tolerant
> distributed search and indexing, and powers the search and navigation
> features
> of many of the world's largest internet sites.
> 
> This release includes a critical security fix and a bugfix. Details:
> 
> * Fix for a 0-day exploit (CVE-2017-12629), details:
> https://s.apache.org/FJDl.
>   RunExecutableListener has been disabled by default (can be enabled by
>   -Dsolr.enableRunExecutableListener=true) and resolving external entities
> in
>   the XML query parser (defType=xmlparser or {!xmlparser ... }) is disabled
> by
>   default.
> 
> * Fix a bug where Solr was attempting to load the same core twice (Error
> message:
>   "Lock held by this virtual machine").
> 
> Furthermore, this release includes Apache Lucene 6.6.2 which includes one
> security
> fix since the 6.6.1 release.
> 
> The release is available for immediate download at:
> 
>   http://www.apache.org/dyn/closer.lua/lucene/solr/6.6.2
> 
> Please read CHANGES.txt for a detailed list of changes:
> 
>   https://lucene.apache.org/solr/6_6_2/changes/Changes.html
> 
> Please report any feedback to the mailing lists
> (http://lucene.apache.org/solr/discussion.html)
> 
> Note: The Apache Software Foundation uses an extensive mirroring
> network for distributing releases. It is possible that the mirror you
> are using may not have replicated the release yet. If that is the
> case, please try another mirror. This also goes for Maven access.
>

[ANNOUNCE] Apache Solr 6.6.2 released

2017-10-18 Thread Ishan Chattopadhyaya 
18 October 2017, Apache Solr™ 6.6.2 available

The Lucene PMC is pleased to announce the release of Apache Solr 6.6.2

Solr is the popular, blazing fast, open source NoSQL search platform from
the
Apache Lucene project. Its major features include powerful full-text
search,
hit highlighting, faceted search and analytics, rich document parsing,
geospatial search, extensive REST APIs as well as parallel SQL. Solr is
enterprise grade, secure and highly scalable, providing fault tolerant
distributed search and indexing, and powers the search and navigation
features
of many of the world's largest internet sites.

This release includes a critical security fix and a bugfix. Details:

* Fix for a 0-day exploit (CVE-2017-12629), details:
https://s.apache.org/FJDl.
  RunExecutableListener has been disabled by default (can be enabled by
  -Dsolr.enableRunExecutableListener=true) and resolving external entities
in
  the XML query parser (defType=xmlparser or {!xmlparser ... }) is disabled
by
  default.

* Fix a bug where Solr was attempting to load the same core twice (Error
message:
  "Lock held by this virtual machine").

Furthermore, this release includes Apache Lucene 6.6.2 which includes one
security
fix since the 6.6.1 release.

The release is available for immediate download at:

  http://www.apache.org/dyn/closer.lua/lucene/solr/6.6.2

Please read CHANGES.txt for a detailed list of changes:

  https://lucene.apache.org/solr/6_6_2/changes/Changes.html

Please report any feedback to the mailing lists
(http://lucene.apache.org/solr/discussion.html)

Note: The Apache Software Foundation uses an extensive mirroring
network for distributing releases. It is possible that the mirror you
are using may not have replicated the release yet. If that is the
case, please try another mirror. This also goes for Maven access.