lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From padmanabhan1616 <>
Subject Re: Apache commons fileupload migration
Date Fri, 16 Mar 2018 05:33:36 GMT
Yes I read the changelog 1.3.3. This release contains the security
vulnerability fix.

DiskDileItem can actually no longer be deserialized, *unless a system
property is set to true*. Fixes FILEUPLOAD-279.

 We don't have security architecture for my product to decide weather it is
vulnerable or not. So, please kindly help us below

My concern here is,
Is this vulnerable for lower version of commons-fileupload or not? If yes
then upgrading directly in Apache solr-5.2.1 version is good idea or not?

Sent from:

View raw message