-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 10 Oct 2019 17:39:16 +0200
Source: lucene-solr
Architecture: source
Version: 3.6.2+dfsg-22
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: Markus Koschany <a...@debian.org>
Changes:
 lucene-solr (3.6.2+dfsg-22) unstable; urgency=medium
 .
   * Add myself to Uploaders and remove Jakub Adam, James Page and Mat Scales
     because they are not active anymore.
   * Declare compliance with Debian Policy 4.4.1.
   * Fix CVE-2019-0193:
     The DataImportHandler, an optional but popular module to pull in data from
     databases and other sources, has a feature in which the whole DIH
     configuration can come from a request's "dataConfig" parameter. The debug
     mode of the DIH admin screen uses this to allow convenient debugging /
     development of a DIH config. Since a DIH config can contain scripts, this
     parameter is a security risk. Starting from now on, use of this parameter
     requires setting the Java System property "enable.dih.dataConfigParam" to
     true. For example this can be achieved with solr-tomcat by adding
     -Denable.dih.dataConfigParam=true to JAVA_OPTS in /etc/default/tomcat9.
Checksums-Sha1:
 b83b067ecffd2b539798071d47de0e3a131f5ea9 3252 lucene-solr_3.6.2+dfsg-22.dsc
 da8b922f0bca72f40619973c3651b645242882b1 54340 
lucene-solr_3.6.2+dfsg-22.debian.tar.xz
 46f36b7e276adc61a735df64aea4fd04d9833872 12261 
lucene-solr_3.6.2+dfsg-22_amd64.buildinfo
Checksums-Sha256:
 0ca1f1667763426be9fff5483dd7dbcf0f4bca3ae337a395f852190fc6fbb61e 3252 
lucene-solr_3.6.2+dfsg-22.dsc
 a06692a199ab758e7a896f01061af2934cd200bfa94e532db1bb68bb964038d3 54340 
lucene-solr_3.6.2+dfsg-22.debian.tar.xz
 5159ed1ec2a09d806effff10de29b40e31fd1cfacd4a59b488666e8c74b77bfc 12261 
lucene-solr_3.6.2+dfsg-22_amd64.buildinfo
Files:
 afbc65c320531546326ba11a02e6f95b 3252 java optional 
lucene-solr_3.6.2+dfsg-22.dsc
 dd7d073370dca5ecea6569d735667317 54340 java optional 
lucene-solr_3.6.2+dfsg-22.debian.tar.xz
 6f88fa2b41513bdf7a747bb30db9764a 12261 java optional 
lucene-solr_3.6.2+dfsg-22_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl2fUnlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk44kP/RNYr9CZkOt/ALYTWMV/h4Tech5tjOaP7PY4
WEx9XwafyIZvnS7apVu98TcruNFGlhk1EKOoSDZzy1V5yPfBT48jyJKQn9aJ5rDt
0cou0D3vDDrJ1fwV/axg7oPEpP+c6YLUQWmDZbvDJzadgJ/FqhogdpS1ttk0J5Mj
Dd91q+fXTQRRNJXZHMkuYw5jeTbT3kxF4SRf6wtrEhaJENWUl9b+E9qPpeMsq8V7
OVeWhjmVHpmblf9nFa4TObwot94qcgilMyNUL6puSsS3zabjjv8zCzEFyHnST+OM
c1LGzcLKf5bWBItT9hTBcQN7Cv0ppiFrKj/aM5SOwmgYnAd33LgvwO9qnEmFpti9
J4oTIJ81ugsvFvYHi3rHIvE6/sIsSMKTQC6cVM9PQ0eQuTOpnuBs1OlJMObwyqTy
wF0H9tS5vkWMDlg8Hig3VQOwB0+BOP+HYiDsJY/XDle8D9HswnKS4A5AMOdn8pz7
Xth/KI5rC7dTeaG+/k7b302CPiBzVDsvrgcDnb0MGKFei/1FwzgvDZd7VXXcR41Y
muq3jx7l33tFIeq6otWSqOvcJK3uE1Epl6RD/eK250udfERlIp/F1Ke3SBp3C4Xs
I2qZddjQANf9DdycADHa0NqQt0QUXy7SvAopbGAVMKhQLrUk36FDHzg1/nwTyehN
kJoerBxm
=ou2z
-----END PGP SIGNATURE-----

Reply via email to