Hi Thomas, Why the 8.11.0? I read that the latest stable version is 8.11.1 https://solr.apache.org/docs/8_11_1/changes/Changes.html#v8.11.1.bug_fixes With the bug fix: Update Log4J to 2.16 (Mike Drob, janhoy)
On Tue, Jan 11, 2022 at 4:40 PM Thomas Heldmann < [email protected]> wrote: > Dear Raghav, > > Do I understand you correctly that you want to upgrade from Solr 8.2.0 to > Solr 8.11.0, for example? > > First of all, you should have a look at the Solr Upgrade Notes ( > https://solr.apache.org/guide/8_11/solr-upgrade-notes.html) and run some > tests on a local PC to find out whether your index schemes are still > working with Solr 8.11.0. If your tests were successful, you can try to > upgrade an existing Solr installation. The upgrade procedure is quite > simple: > > https://solr.apache.org/guide/8_11/upgrading-a-solr-cluster.html > > You install the new Solr version (e.g. 8.11.0) using the EXISTING service > name (that is very important!) in the same way as you installed Solr 8.2.0. > The new Solr version will be installed "besides" the old one, so there will > be, for example, /opt/solr-8.2.0 and /opt/solr-8.11.0. The service name > will be redirected to the new version. After the installation, you have to > verify that the environment variables in solr.in.sh are still set > correctly. If you are using SolrCloud, you probably have to set up a new > ZooKeeper ensemble and adapt the ZK variables in solr.in.sh. Now the > upgrade is completed and you can start the Solr service as you have done so > far. The new version will be started and should be able to use the existing > schemes and indexed data. > > I hope this helps you. Please do not hasitate to ask again if you have any > further questions. > > Best regards, > Thomas > > -- > Thomas Heldmann > Bayerische Staatsbibliothek > Verbundzentrale des Bibliotheksverbunds Bayern > Leopoldstraße 240 > 80807 München > > Tel.: 089/28638-4153 > E-Mail: [email protected] > > > > >>> <[email protected]> schrieb am 11.01.2022 um > 15:48: > > Hi Team > > > > For Solr side mitigation for log4j, we have manually updated the log4j‑c > ore > > and log4j‑api files to latest versions (2.17.1) and have done > > (Linux/MacOS) Edit your solr.in.sh file to include: > SOLR_OPTS="$SOLR_OPTS > > ‑Dlog4j2.formatMsgNoLookups=true" > > this mitigation step as well as mentioned in the solr security update > > https://solr.apache.org/security.html#apache‑solr‑affected‑by‑apache‑log4j‑cve‑2021‑4 > > > 4228 > > The CompanySecurity Team have shared a vulnerability in solr's end. Can > you > > please confirm that these mitigation steps are good to solve the issue > from > > solr's end. > > > > The Solr application is installed as a service in our system, can you > please > > share the steps needed to update solr to the latest version, without > losing > > the data indexed in solr. > > Thanks and Regards, > > Raghav Khandelwal > > > > This e‑mail and any files transmitted with it are for the sole use of > the > > intended recipient(s) and may contain confidential and privileged > > information. If you are not the intended recipient(s), please reply to > the > > sender and destroy all copies of the original message. Any unauthorized > > review, use, disclosure, dissemination, forwarding, printing or copying > of > > this email, and/or any action taken in reliance on the contents of this > e‑mail > > is strictly prohibited and may be unlawful. Where permitted by > applicable > > law, this e‑mail and other e‑mail communications sent to and from > Cognizant > > e‑mail addresses may be monitored. > > -- Vincenzo D'Amore
