[jira] [Commented] (OAK-11274) Upgrade solr to 8.11.3 | CVE-2023-50298

Wed, 20 Nov 2024 06:31:22 -0800 


    [ 
https://issues.apache.org/jira/browse/OAK-11274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17899761#comment-17899761
 ] 

Nitin Gupta commented on OAK-11274:
-----------------------------------

trunk : 
[https://github.com/apache/jackrabbit-oak/commit/2639bdb9feaffbc516432858a1125dacdb4e639b]
 

> Upgrade solr to 8.11.3 | CVE-2023-50298
> ---------------------------------------
>
>                 Key: OAK-11274
>                 URL: https://issues.apache.org/jira/browse/OAK-11274
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>            Reporter: Nitin Gupta
>            Assignee: Nitin Gupta
>            Priority: Major
>
> [https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions]
> Currently we use solr version 8.11.1 in trunk which is vulnurable to the 
> above CVE.
> We need to upgrade it to 8.11.3



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to