sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-994173078
Although this was mentioned in the mailing list:
> Re: Log4j < 2.15.0 may still be vulnerable even if
-Dlog4j2.formatMsgNoLookups=true is set
The MDC Patterns used by solr
sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-994031272
@HoustonPutman i hate to be bearer of bad news :(
https://nvd.nist.gov/vuln/detail/CVE-2021-45046
A new CVE issued without a score and previous mitigation won't be eno
sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-991399854
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe
sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-991690754
Thanks @plumdog really happy with how quickly solr-operator responded to
this. Awesome work!
--
This is an automated message from the Apache Git Service.
To respond to the messag
sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-991401716
Does this not affect zookeeper i too see literally nothing about it anywhere.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on
sylus commented on issue #384:
URL: https://github.com/apache/solr-operator/issues/384#issuecomment-991399854
@plumdog were u able to find anything about zookeeper?
Also when this is set in solropts, is there a way for me to confirm it is
passed? I thought I would see it in the Solr