Yes. -- Steve www.lucidworks.com
> On Oct 24, 2017, at 12:25 PM, Moenieb Davids <moenieb.dav...@gmail.com> wrote: > > Solr 5.5.5? > > On 24 Oct 2017 17:34, "Steve Rowe" <sar...@gmail.com> wrote: > >> 24 October 2017, Apache Solr™ 5.5.5 available >> >> The Lucene PMC is pleased to announce the release of Apache Solr 5.5.5. >> >> Solr is the popular, blazing fast, open source NoSQL search platform from >> the >> Apache Lucene project. Its major features include powerful full-text >> search, >> hit highlighting, faceted search and analytics, rich document parsing, >> geospatial search, extensive REST APIs as well as parallel SQL. Solr is >> enterprise grade, secure and highly scalable, providing fault tolerant >> distributed search and indexing, and powers the search and navigation >> features >> of many of the world's largest internet sites. >> >> This release contains one bugfix. >> >> This release includes one critical and one important security fix. Details: >> >> * Fix for a 0-day exploit (CVE-2017-12629), details: >> https://s.apache.org/FJDl. >> RunExecutableListener has been disabled by default (can be enabled by >> -Dsolr.enableRunExecutableListener=true) and resolving external entities >> in the >> XML query parser (defType=xmlparser or {!xmlparser ... }) is disabled by >> default. >> >> * Fix for CVE-2017-7660: Security Vulnerability in secure inter-node >> communication >> in Apache Solr, details: https://s.apache.org/APTY >> >> Furthermore, this release includes Apache Lucene 5.5.5 which includes one >> security >> fix since the 5.5.4 release. >> >> The release is available for immediate download at: >> >> http://www.apache.org/dyn/closer.lua/lucene/solr/5.5.5 >> >> Please read CHANGES.txt for a detailed list of changes: >> >> https://lucene.apache.org/solr/5_5_5/changes/Changes.html >> >> Please report any feedback to the mailing lists >> (http://lucene.apache.org/solr/discussion.html) >> >> Note: The Apache Software Foundation uses an extensive mirroring >> network for distributing releases. It is possible that the mirror you >> are using may not have replicated the release yet. If that is the >> case, please try another mirror. This also goes for Maven access. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org