[jira] [Resolved] (SOLR-12204) Upgrade commons-fileupload to address CVE-2016-1000031

Steve Rowe (JIRA) Wed, 18 Apr 2018 16:34:20 -0700

     [ 
https://issues.apache.org/jira/browse/SOLR-12204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Steve Rowe resolved SOLR-12204.
-------------------------------
       Resolution: Fixed
         Assignee: Steve Rowe  (was: Hrishikesh Gadre)
    Fix Version/s: master (8.0)
                   7.4
                   7.3.1

> Upgrade commons-fileupload to address CVE-2016-1000031
> ------------------------------------------------------
>
>                 Key: SOLR-12204
>                 URL: https://issues.apache.org/jira/browse/SOLR-12204
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 7.2
>            Reporter: Hrishikesh Gadre
>            Assignee: Steve Rowe
>            Priority: Major
>             Fix For: 7.3.1, 7.4, master (8.0)
>
>         Attachments: SOLR-12204.patch, SOLR-12204.patch
>
>
> Currently SOLR is using 1.3.2 version of commons-fileupload library which is 
> susceptible to  CVE-2016-1000031. We should upgrade the this library to the 
> latest version (1.3.3 at the time of writing) to mitigate the security risk.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (SOLR-12204) Upgrade commons-fileupload to address CVE-2016-1000031

Reply via email to