Thanks for your question Sven! I wonder if/how we could make the two links Kevin shared more discoverable from the Solr website, something on the Community [3] page perhaps somehow?
[3] http://lucene.apache.org/solr/community.html From: dev@lucene.apache.org At: 03/07/19 20:29:18To: dev@lucene.apache.org Subject: Re: Security Contact for Solr? From [1] If you believe you have discovered a vulnerability in Lucene or Solr, please follow these ASF guidelines [2] for reporting it. [1] https://wiki.apache.org/solr/SolrSecurity [2] https://www.apache.org/security/ Kevin Risden On Thu, Mar 7, 2019 at 3:24 PM Sven Blumenstein <s...@apple.com.invalid> wrote: Hi .*, what is the proper contact for reporting security vulnerabilities in Solr? Do you have a security@ address or a non-public mailing list/bug component? Unfortunately I could not find any information in that regard on the Solr website, hence my reach out to this mailing list. Thanks! --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org