On 6/27/2018 9:00 AM, Alexandre Rafalovitch wrote: > In the Solr 7.4 changes, under the bugs fixed, we list: > SOLR-12450: Don't allow referal to external resources in various config files. > (Yuyang Xiao, Uwe Schindler) > > That link goes to "This issue can't be viewed" issue: > https://issues.apache.org/jira/browse/SOLR-12450 > > I am just curious, is this one of the security issues that even > committers are not allowed to see even post-release? Or there is just > a dead link of some sort?
Only the reporter and members of the PMC can view it. Since the fix has been released (with 7.4.0) it's probably time to change the security level on the issue to public. It's something that I can do, but I would prefer to let Uwe (as the reporter and the one who fixed the problem) or Adrien (as the RM for the 7.4.0 release) handle it. Thanks, Shawn --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
