This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/solr-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new 98a0ebf Automatic Site Publish by Buildbot
98a0ebf is described below
commit 98a0ebfcebe541ceab688f7f43010c79d559aa00
Author: buildbot <[email protected]>
AuthorDate: Tue Dec 14 00:43:22 2021 +0000
Automatic Site Publish by Buildbot
---
output/feeds/all.atom.xml | 2 ++
output/feeds/solr/security.atom.xml | 2 ++
output/news.html | 2 ++
output/security.html | 2 ++
4 files changed, 8 insertions(+)
diff --git a/output/feeds/all.atom.xml b/output/feeds/all.atom.xml
index 7a9fb08..0476be7 100644
--- a/output/feeds/all.atom.xml
+++ b/output/feeds/all.atom.xml
@@ -16,6 +16,7 @@ Apache Solr releases prior to 8.11.1 were using a bundled
version of the Apache
Any of the following are enough to prevent this vulnerability for Solr
servers:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when
available), which will include an updated version of the log4j2
dependency.</li>
+<li>If you are using Solr's official docker image, no matter the
version, it has already been mitigated. You may need to re-pull the
image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>(Linux/MacOS) Edit your <code>solr.in.sh</code> file to
include:
<code>SOLR_OPTS="$SOLR_OPTS
-Dlog4j2.formatMsgNoLookups=true"</code></li>
@@ -26,6 +27,7 @@ Any of the following are enough to prevent this vulnerability
for Solr servers:&
<p>The vulnerability in the Prometheus Exporter Contrib can be mitigated
by any of the following:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when
available), which will include an updated version of the log4j2
dependency.</li>
+<li>If you are using Solr's official docker image, no matter the
version, it has already been mitigated. You may need to re-pull the
image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>Edit your <code>solr-exporter</code> script to include:
<code>JAVA_OPTS="$JAVA_OPTS
-Dlog4j2.formatMsgNoLookups=true"</code></li>
diff --git a/output/feeds/solr/security.atom.xml
b/output/feeds/solr/security.atom.xml
index 3324b2e..734335c 100644
--- a/output/feeds/solr/security.atom.xml
+++ b/output/feeds/solr/security.atom.xml
@@ -16,6 +16,7 @@ Apache Solr releases prior to 8.11.1 were using a bundled
version of the Apache
Any of the following are enough to prevent this vulnerability for Solr
servers:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when
available), which will include an updated version of the log4j2
dependency.</li>
+<li>If you are using Solr's official docker image, no matter the
version, it has already been mitigated. You may need to re-pull the
image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>(Linux/MacOS) Edit your <code>solr.in.sh</code> file to
include:
<code>SOLR_OPTS="$SOLR_OPTS
-Dlog4j2.formatMsgNoLookups=true"</code></li>
@@ -26,6 +27,7 @@ Any of the following are enough to prevent this vulnerability
for Solr servers:&
<p>The vulnerability in the Prometheus Exporter Contrib can be mitigated
by any of the following:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when
available), which will include an updated version of the log4j2
dependency.</li>
+<li>If you are using Solr's official docker image, no matter the
version, it has already been mitigated. You may need to re-pull the
image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>Edit your <code>solr-exporter</code> script to include:
<code>JAVA_OPTS="$JAVA_OPTS
-Dlog4j2.formatMsgNoLookups=true"</code></li>
diff --git a/output/news.html b/output/news.html
index 2a9f0d3..f3148c2 100644
--- a/output/news.html
+++ b/output/news.html
@@ -147,6 +147,7 @@ Apache Solr releases prior to 8.11.1 were using a bundled
version of the Apache
Any of the following are enough to prevent this vulnerability for Solr
servers:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when available), which
will include an updated version of the log4j2 dependency.</li>
+<li>If you are using Solr's official docker image, no matter the version, it
has already been mitigated. You may need to re-pull the image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>(Linux/MacOS) Edit your <code>solr.in.sh</code> file to include:
<code>SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"</code></li>
@@ -157,6 +158,7 @@ Any of the following are enough to prevent this
vulnerability for Solr servers:<
<p>The vulnerability in the Prometheus Exporter Contrib can be mitigated by
any of the following:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when available), which
will include an updated version of the log4j2 dependency.</li>
+<li>If you are using Solr's official docker image, no matter the version, it
has already been mitigated. You may need to re-pull the image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>Edit your <code>solr-exporter</code> script to include:
<code>JAVA_OPTS="$JAVA_OPTS -Dlog4j2.formatMsgNoLookups=true"</code></li>
diff --git a/output/security.html b/output/security.html
index 7ba1b7b..ad361b0 100644
--- a/output/security.html
+++ b/output/security.html
@@ -231,6 +231,7 @@ Apache Solr releases prior to 8.11.1 were using a bundled
version of the Apache
Any of the following are enough to prevent this vulnerability for Solr
servers:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when available), which
will include an updated version of the log4j2 dependency.</li>
+<li>If you are using Solr's official docker image, no matter the version, it
has already been mitigated. You may need to re-pull the image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>(Linux/MacOS) Edit your <code>solr.in.sh</code> file to include:
<code>SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"</code></li>
@@ -241,6 +242,7 @@ Any of the following are enough to prevent this
vulnerability for Solr servers:<
<p>The vulnerability in the Prometheus Exporter Contrib can be mitigated by
any of the following:</p>
<ul>
<li>Upgrade to <code>Solr 8.11.1</code> or greater (when available), which
will include an updated version of the log4j2 dependency.</li>
+<li>If you are using Solr's official docker image, no matter the version, it
has already been mitigated. You may need to re-pull the image.</li>
<li>Manually update the version of log4j2 on your runtime classpath and
restart your Solr application.</li>
<li>Edit your <code>solr-exporter</code> script to include:
<code>JAVA_OPTS="$JAVA_OPTS -Dlog4j2.formatMsgNoLookups=true"</code></li>
