[ https://issues.apache.org/jira/browse/SOLR-13208?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Erick Erickson resolved SOLR-13208. ----------------------------------- Resolution: Won't Fix > Update dom4j in solr package due to security vulnerability > ---------------------------------------------------------- > > Key: SOLR-13208 > URL: https://issues.apache.org/jira/browse/SOLR-13208 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: Server > Affects Versions: 7.6, 8.0 > Reporter: DW > Priority: Major > > The Solr package contains dom4j-1.6.1 in the server webapp component in > server/solr-webapp/webapp/WEB-INF/lib/dom4j-1.6.1.jar > Please can you upgrade dom4j-1.6.1 due to open security vulnerability to > 2.1.1+. > If you need the CVE number, let me know. > -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org