Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e1e4f160 by Moritz Muehlenhoff at 2021-02-22T19:01:17+01:00
mark lucene-solr as fixed in sid, it dropped the server bits and now only
provides some base classes for reverse deps
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59845,12 +59845,13 @@ CVE-2020-13943 (If an HTTP/2 client connecting to
Apache Tomcat 10.0.0-M1 to 10.
CVE-2020-13942 (It is possible to inject malicious OGNL or MVEL scripts into
the /cont ...)
NOT-FOR-US: Apache Unomi
CVE-2020-13941 (Reported in SOLR-14515 (private) and fixed in SOLR-14561
(public), rel ...)
- - lucene-solr <unfixed>
+ - lucene-solr 3.6.2+dfsg-23
[buster] - lucene-solr <ignored> (Minor issue)
[stretch] - lucene-solr <ignored> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2020/08/15/1
NOTE: https://issues.apache.org/jira/browse/SOLR-14561
NOTE:
https://github.com/apache/lucene-solr/commit/936b9d770e769c9018a9f408d576f52e7c4e8be2
+ NOTE: Server components disabled in 3.6.2+dfsg-23, using that as the
fixed version
CVE-2020-13940 (In Apache NiFi 1.0.0 to 1.11.4, the notification service
manager and v ...)
NOT-FOR-US: Apache NiFi
CVE-2020-13939
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1e4f160840caeb983eb051b84ece98d8da0b2d0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1e4f160840caeb983eb051b84ece98d8da0b2d0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
