Jun He created BIGTOP-3507: ------------------------------ Summary: Solr: CVE-2020-13957 mitigation backport Key: BIGTOP-3507 URL: https://issues.apache.org/jira/browse/BIGTOP-3507 Project: Bigtop Issue Type: Improvement Components: solr Reporter: Jun He
There is a [CVE security beach|https://lucene.apache.org/solr/security.html#cve-2020-13957-the-checks-added-to-unauthenticated-configset-uploads-in-apache-solr-can-be-circumvented] reported for solr on quite a few versions, where v6.6.6 is also affected. Will backport upstream fix [SOLR-14663|https://issues.apache.org/jira/browse/SOLR-14663] for this to v6.6.6 in solr component. -- This message was sent by Atlassian Jira (v8.3.4#803005)