Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id E01C8200BCE for ; Fri, 2 Dec 2016 22:27:11 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id DEE81160B24; Fri, 2 Dec 2016 21:27:11 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 33FA5160B08 for ; Fri, 2 Dec 2016 22:27:11 +0100 (CET) Received: (qmail 3960 invoked by uid 500); 2 Dec 2016 21:27:10 -0000 Mailing-List: contact commits-help@lucene.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@lucene.apache.org Delivered-To: mailing list commits@lucene.apache.org Received: (qmail 3951 invoked by uid 99); 2 Dec 2016 21:27:10 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Dec 2016 21:27:10 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 2221BE04BB; Fri, 2 Dec 2016 21:27:10 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: anshum@apache.org To: commits@lucene.apache.org Message-Id: <33eb6a0fc9bc4a738310c411698887eb@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: lucene-solr:branch_6x: SOLR-9819: Upgrade Apache commons-fileupload to 1.3.2, fixing a security vulnerability Date: Fri, 2 Dec 2016 21:27:10 +0000 (UTC) archived-at: Fri, 02 Dec 2016 21:27:12 -0000 Repository: lucene-solr Updated Branches: refs/heads/branch_6x 537ac854a -> 660f08a0b SOLR-9819: Upgrade Apache commons-fileupload to 1.3.2, fixing a security vulnerability Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/660f08a0 Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/660f08a0 Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/660f08a0 Branch: refs/heads/branch_6x Commit: 660f08a0b96887ad0ca4c147016179f041c522e8 Parents: 537ac85 Author: Anshum Gupta Authored: Fri Dec 2 12:09:10 2016 -0800 Committer: Anshum Gupta Committed: Fri Dec 2 13:26:49 2016 -0800 ---------------------------------------------------------------------- lucene/ivy-versions.properties | 2 +- solr/CHANGES.txt | 2 ++ solr/licenses/commons-fileupload-1.3.1.jar.sha1 | 1 - solr/licenses/commons-fileupload-1.3.2.jar.sha1 | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/lucene/ivy-versions.properties ---------------------------------------------------------------------- diff --git a/lucene/ivy-versions.properties b/lucene/ivy-versions.properties index 8526105..ffc54a8 100644 --- a/lucene/ivy-versions.properties +++ b/lucene/ivy-versions.properties @@ -64,7 +64,7 @@ com.sun.jersey.version = 1.9 /commons-collections/commons-collections = 3.2.2 /commons-configuration/commons-configuration = 1.6 /commons-digester/commons-digester = 2.1 -/commons-fileupload/commons-fileupload = 1.3.1 +/commons-fileupload/commons-fileupload = 1.3.2 /commons-io/commons-io = 2.5 /commons-lang/commons-lang = 2.6 /commons-logging/commons-logging = 1.1.3 http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/CHANGES.txt ---------------------------------------------------------------------- diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt index c5e4657..8a5e369 100644 --- a/solr/CHANGES.txt +++ b/solr/CHANGES.txt @@ -201,6 +201,8 @@ Other Changes * SOLR-9660: in GroupingSpecification factor [group](sort|offset|limit) into [group](sortSpec) (Judith Silverman, Christine Poerschke) +* SOLR-9819: Upgrade commons-fileupload to 1.3.2, fixing a potential vulnerability CVE-2016-3092 (Anshum Gupta) + ================== 6.3.0 ================== Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release. http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/licenses/commons-fileupload-1.3.1.jar.sha1 ---------------------------------------------------------------------- diff --git a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 b/solr/licenses/commons-fileupload-1.3.1.jar.sha1 deleted file mode 100644 index 32f4872..0000000 --- a/solr/licenses/commons-fileupload-1.3.1.jar.sha1 +++ /dev/null @@ -1 +0,0 @@ -c621b54583719ac0310404463d6d99db27e1052c http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/660f08a0/solr/licenses/commons-fileupload-1.3.2.jar.sha1 ---------------------------------------------------------------------- diff --git a/solr/licenses/commons-fileupload-1.3.2.jar.sha1 b/solr/licenses/commons-fileupload-1.3.2.jar.sha1 new file mode 100644 index 0000000..747b509 --- /dev/null +++ b/solr/licenses/commons-fileupload-1.3.2.jar.sha1 @@ -0,0 +1 @@ +5d7491ed6ebd02b6a8d2305f8e6b7fe5dbd95f72 \ No newline at end of file