[
https://issues.apache.org/jira/browse/SOLR-16324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17601301#comment-17601301
]
ASF subversion and git services commented on SOLR-16324:
--------------------------------------------------------
Commit a6dea0cfd9577e4d2106f3a09869ff9a11cfd193 in lucene-solr's branch
refs/heads/branch_8_11 from Kevin Risden
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=a6dea0cfd95 ]
SOLR-16324: Upgrade commons-configuration2 to 2.8.0 and commons-text to 1.9
(#2669)
* Upgrade commons-configuration2 to 2.8.0 due to CVE-2022-33980
* Upgrade commons-text to 1.9 since it gets upgraded with
commons-configuration2
> CVE-2022-33980 in commons-configuration2
> ----------------------------------------
>
> Key: SOLR-16324
> URL: https://issues.apache.org/jira/browse/SOLR-16324
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Andrew Kulick
> Assignee: Kevin Risden
> Priority: Minor
> Fix For: 9.1, main (10.0)
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> CVE-2022-33980 is present in org.apache.commons_commons-configuration2:2.7.
> Upgrading to version 2.8 will remediate the issue
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
