lucene-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Solr Wiki] Update of "SolrSecurity" by UweSchindler
Date Sun, 08 Apr 2018 18:45:02 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.

The "SolrSecurity" page has been changed by UweSchindler:
https://wiki.apache.org/solr/SolrSecurity?action=diff&rev1=48&rev2=49

Comment:
CVE-2018-1308: XXE attack through DIH's dataConfig request parameter

  
  == Security announcements ==
  
+  * 2018-04-08: CVE-2018-1308: XXE attack through DIH's dataConfig request parameter
   * 2017-10-26: CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s
MATLAB Parser bundled with Apache Solr
   * [[http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E|2017-10-18:
CVE-2017-12629: Several critical vulnerabilities discovered in Apache Solr (XXE & RCE)]]
   * [[http://mail-archives.us.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAOOKt53AOScg04zUh0%2BR_fcXD0C9s5mQ-OzdgYdnHz49u1KmXw@mail.gmail.com%3E|2017-09-18:
CVE-2017-9803: Security vulnerability in kerberos delegation token functionality]]

Mime
View raw message