Do you actually use org.apache.lucene.replicator.http ? If not then
this wouldn't have any material impact on your application.
On Mon, Oct 28, 2024 at 4:25 AM Renaud SAINT-GRATIEN
wrote:
>
> CONFIDENTIAL
>
> Hello,
>
> Is there any plan to patch Lucene 8.11 for CVE-2024-45772 ?
> I need to stay
CONFIDENTIAL
Hello,
Is there any plan to patch Lucene 8.11 for CVE-2024-45772 ?
I need to stay on 8.11 branch because my application still runs on Java 8. We
plan to migrate to Java 17 but this cannot be done sooner than mid 2025...
(this is a huge application).
Thank you for this amazing piece
