Hi, due to the security leak in the Jetty webserver we should think about updating the Solr releases: As a Lucene 4.10.4 release is in the RC phase, we should better delay it and check if the bundled Jetty is vulnerable.
http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html Here is a testing scipt to check our release: https://github.com/GDSSecurity/Jetleak-Testing-Script Uwe ----- Uwe Schindler H.-H.-Meier-Allee 63, D-28213 Bremen http://www.thetaphi.de eMail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
