lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Moenieb Davids <moenieb.dav...@gmail.com>
Subject Re: [ANNOUNCE] Apache Solr 5.5.5 released
Date Tue, 24 Oct 2017 16:25:36 GMT
Solr 5.5.5?

On 24 Oct 2017 17:34, "Steve Rowe" <sarowe@gmail.com> wrote:

> 24 October 2017, Apache Solr™ 5.5.5 available
>
> The Lucene PMC is pleased to announce the release of Apache Solr 5.5.5.
>
> Solr is the popular, blazing fast, open source NoSQL search platform from
> the
> Apache Lucene project. Its major features include powerful full-text
> search,
> hit highlighting, faceted search and analytics, rich document parsing,
> geospatial search, extensive REST APIs as well as parallel SQL. Solr is
> enterprise grade, secure and highly scalable, providing fault tolerant
> distributed search and indexing, and powers the search and navigation
> features
> of many of the world's largest internet sites.
>
> This release contains one bugfix.
>
> This release includes one critical and one important security fix. Details:
>
> * Fix for a 0-day exploit (CVE-2017-12629), details:
> https://s.apache.org/FJDl.
> RunExecutableListener has been disabled by default (can be enabled by
> -Dsolr.enableRunExecutableListener=true) and resolving external entities
> in the
> XML query parser (defType=xmlparser or {!xmlparser ... }) is disabled by
> default.
>
> * Fix for CVE-2017-7660: Security Vulnerability in secure inter-node
> communication
> in Apache Solr, details: https://s.apache.org/APTY
>
> Furthermore, this release includes Apache Lucene 5.5.5 which includes one
> security
> fix since the 5.5.4 release.
>
> The release is available for immediate download at:
>
> http://www.apache.org/dyn/closer.lua/lucene/solr/5.5.5
>
> Please read CHANGES.txt for a detailed list of changes:
>
> https://lucene.apache.org/solr/5_5_5/changes/Changes.html
>
> Please report any feedback to the mailing lists
> (http://lucene.apache.org/solr/discussion.html)
>
> Note: The Apache Software Foundation uses an extensive mirroring
> network for distributing releases. It is possible that the mirror you
> are using may not have replicated the release yet. If that is the
> case, please try another mirror. This also goes for Maven access.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message