[jira] [Updated] (OAK-10777) oak-lucene: add test coverage for stack overflow based on very long and complex regexp using JCR lucene native query
[ https://issues.apache.org/jira/browse/OAK-10777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Julian Reschke updated OAK-10777: - Fix Version/s: 1.64.0 > oak-lucene: add test coverage for stack overflow based on very long and > complex regexp using JCR lucene native query > > > Key: OAK-10777 > URL: https://issues.apache.org/jira/browse/OAK-10777 > Project: Jackrabbit Oak > Issue Type: Task > Components: lucene >Reporter: Julian Reschke >Assignee: Julian Reschke >Priority: Major > Fix For: 1.64.0 > > > This is like OAK-10713, but using a JCR query, proving that the vulnerability > can be triggered over JCR. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (OAK-10777) oak-lucene: add test coverage for stack overflow based on very long and complex regexp using JCR lucene native query
Julian Reschke created OAK-10777: Summary: oak-lucene: add test coverage for stack overflow based on very long and complex regexp using JCR lucene native query Key: OAK-10777 URL: https://issues.apache.org/jira/browse/OAK-10777 Project: Jackrabbit Oak Issue Type: Task Components: lucene Reporter: Julian Reschke Assignee: Julian Reschke This is like OAK-10713, but using a JCR query, proving that the vulnerability can be triggered over JCR. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OAK-10770) Azure identity runtime dependency resolution in oak-segment-azure
[ https://issues.apache.org/jira/browse/OAK-10770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17839968#comment-17839968 ] Tushar Rana commented on OAK-10770: --- before adding all the dependencies, jar size was 5.5M -rw-r--r--@ 1 trana staff 5.5M Apr 19 11:52 oak-segment-azure-1.63-SNAPSHOT.jar after adding all the dependencies, jar size is 13M, a 7.5M increase in jar size after embedding all the dependencies -rw-r--r--@ 1 trana staff 13M Apr 19 12:00 oak-segment-azure-1.63-SNAPSHOT.jar > Azure identity runtime dependency resolution in oak-segment-azure > - > > Key: OAK-10770 > URL: https://issues.apache.org/jira/browse/OAK-10770 > Project: Jackrabbit Oak > Issue Type: Task >Reporter: Nitin Gupta >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OAK-10770) Azure identity runtime dependency resolution in oak-segment-azure
[ https://issues.apache.org/jira/browse/OAK-10770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17839965#comment-17839965 ] Tushar Rana commented on OAK-10770: --- Below is the compiled list of errors and dependencies added to resolve the errors. ||Error||Dependency|| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: org/reactivestreams/Publisher|reactive-streams| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: com/microsoft/aad/msal4j/IClientCredential|msal4j| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: reactor/core/publisher/Mono|reactor-core| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: com/nimbusds/oauth2/sdk/ParseException|oauth2-oidc-sdk| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/channel/ChannelHandler|netty-transport| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/resolver/AddressResolverGroup|netty-resolver| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/util/concurrent/EventExecutorGroup|netty-common| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: reactor/netty/http/client/HttpClient|reactor-netty-http| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: reactor/netty/transport/ClientTransport|reactor-netty-core| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/resolver/dns/DnsAddressResolverGroup|netty-resolver-dns| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/handler/codec/http/cookie/Cookie|netty-codec-http| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/handler/codec/MessageAggregator|netty-codec| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/handler/codec/http2/Http2StreamFrameToHttpObjectCodec|netty-codec-http2| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/buffer/ByteBufHolder|netty-buffer| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/handler/logging/LoggingHandler|netty-handler| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: io/netty/handler/proxy/HttpProxyHandler$HttpProxyConnectException|netty-handler-proxy| |org.apache.felix.log.LogException: java.lang.NoClassDefFoundError: net/minidev/json/JSONAware|json-smart| |org.apache.felix.log.LogException: java.lang.RuntimeException: java.util.concurrent.ExecutionException: java.lang.NoClassDefFoundError: io/netty/channel/unix/DomainSocketAddress|netty-transport-native-unix-common| |org.apache.felix.log.LogException: java.lang.RuntimeException: java.util.concurrent.ExecutionException: java.lang.NoClassDefFoundError: com/nimbusds/common/contenttype/ContentType|content-type| |org.apache.felix.log.LogException: java.lang.RuntimeException: java.util.concurrent.ExecutionException: java.lang.NoClassDefFoundError: net/minidev/asm/FieldFilter|accessors-smart| |org.apache.felix.log.LogException: java.lang.RuntimeException: java.util.concurrent.ExecutionException: java.lang.NoClassDefFoundError: com/nimbusds/jwt/JWTParser|nimbus-jose-jwt| > Azure identity runtime dependency resolution in oak-segment-azure > - > > Key: OAK-10770 > URL: https://issues.apache.org/jira/browse/OAK-10770 > Project: Jackrabbit Oak > Issue Type: Task >Reporter: Nitin Gupta >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (OAK-10762) oak-search-elastic: similarity queries produce not relevant results when uses similarTags
[ https://issues.apache.org/jira/browse/OAK-10762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Fabrizio Fortino resolved OAK-10762. Fix Version/s: 1.64.0 Resolution: Fixed > oak-search-elastic: similarity queries produce not relevant results when uses > similarTags > - > > Key: OAK-10762 > URL: https://issues.apache.org/jira/browse/OAK-10762 > Project: Jackrabbit Oak > Issue Type: Improvement > Components: indexing >Reporter: Fabrizio Fortino >Assignee: Fabrizio Fortino >Priority: Major > Fix For: 1.64.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)