ctargett commented on a change in pull request #47: URL: https://github.com/apache/solr-site/pull/47#discussion_r766874295
########## File path: content/solr/security/2021-12-12-cve-2021-44228.md ########## @@ -25,5 +27,13 @@ Any of the following are enough to prevent this vulnerability: `set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true` * Follow any of the other mitgations listed at https://logging.apache.org/log4j/2.x/security.html +The vulnerability in the Prometheus Exporter Contribcan be mitigated by any of the following: + +* Upgrade to `Solr 8.11.1` or greater (when available), which will include an updated version of the log4j2 dependancy. Review comment: "dependency" -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org
