[
https://issues.apache.org/jira/browse/SOLR-13993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-13993:
Attachment: SOLR-13993.patch
> sandbox velocity template render
>
[
https://issues.apache.org/jira/browse/SOLR-13993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16987155#comment-16987155
]
Erik Hatcher commented on SOLR-13993:
-
Attached patch exercises the test security manager which does
[
https://issues.apache.org/jira/browse/SOLR-13978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16993664#comment-16993664
]
Erik Hatcher commented on SOLR-13978:
-
With the removal of /browse, you can also remove params.json
[
https://issues.apache.org/jira/browse/SOLR-14065?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16994796#comment-16994796
]
Erik Hatcher commented on SOLR-14065:
-
{quote}I’d love to see a small angular/react app instead that
[
https://issues.apache.org/jira/browse/SOLR-14065?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16994794#comment-16994794
]
Erik Hatcher commented on SOLR-14065:
-
Regrettably +1: RIP Solritas.
> Deprecate Velocity
>
Erik Hatcher created SOLR-14124:
---
Summary: Implement `remove-repo` package manager command
Key: SOLR-14124
URL: https://issues.apache.org/jira/browse/SOLR-14124
Project: Solr
Issue Type:
[
https://issues.apache.org/jira/browse/SOLR-14124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17000273#comment-17000273
]
Erik Hatcher commented on SOLR-14124:
-
How should this respond when plugins are installed and
[
https://issues.apache.org/jira/browse/SOLR-7012?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher resolved SOLR-7012.
Resolution: Won't Fix
this has been effectively implemented with the new package/plugin management
[
https://issues.apache.org/jira/browse/SOLR-13971?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-13971:
Security: Public (was: Private (Security Issue))
> CVE-2019-17558: Velocity custom template RCE
[
https://issues.apache.org/jira/browse/SOLR-14025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-14025:
Security: Public (was: Private (Security Issue))
> Velocity response writer RCE vulnerability
[
https://issues.apache.org/jira/browse/SOLR-13971?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17010628#comment-17010628
]
Erik Hatcher commented on SOLR-13971:
-
It's important that these two JIRAs are tied. SOLR-14025
[
https://issues.apache.org/jira/browse/SOLR-13971?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17010630#comment-17010630
]
Erik Hatcher commented on SOLR-13971:
-
[~sachinpat...@gmail.com] - you must also include SOLR-14025's
[
https://issues.apache.org/jira/browse/SOLR-13971?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-13971:
Summary: Velocity custom template RCE vulnerability (was: CVE-2019-17558:
Velocity custom
[
https://issues.apache.org/jira/browse/SOLR-14025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-14025:
Summary: CVE-2019-17558: Velocity response writer RCE vulnerability
persists after 8.3.1 (was:
Erik Hatcher created SOLR-14799:
---
Summary: JWT authentication plugin should not require subject,
unless set as principalClaim
Key: SOLR-14799
URL: https://issues.apache.org/jira/browse/SOLR-14799
[
https://issues.apache.org/jira/browse/SOLR-14799?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-14799:
Fix Version/s: 8.7
> JWT authentication plugin should not require subject, unless set as
>
[
https://issues.apache.org/jira/browse/SOLR-14799?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-14799:
Priority: Blocker (was: Major)
> JWT authentication plugin should not require subject, unless set
Erik Hatcher created SOLR-14792:
---
Summary: Remove VelocityResponseWriter from Solr 9
Key: SOLR-14792
URL: https://issues.apache.org/jira/browse/SOLR-14792
Project: Solr
Issue Type: Improvement
[
https://issues.apache.org/jira/browse/SOLR-14799?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher resolved SOLR-14799.
-
Resolution: Fixed
> JWT authentication plugin should not require subject, unless set as
>
[
https://issues.apache.org/jira/browse/SOLR-14799?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher reassigned SOLR-14799:
---
Assignee: Erik Hatcher
> JWT authentication plugin should not require subject, unless set
[
https://issues.apache.org/jira/browse/SOLR-14541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher updated SOLR-14541:
Summary: Ensure classes that implement equals implement hashCode or
suppress warnings (was:
[
https://issues.apache.org/jira/browse/SOLR-14792?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erik Hatcher reassigned SOLR-14792:
---
Assignee: Erik Hatcher
> Remove VelocityResponseWriter from Solr 9
>
22 matches
Mail list logo
