Re: [ANNOUNCEMENT] Solr's Docker images were updated to remediate a CVE

2021-12-13 Thread Andy Lester
For those of you like me who want to explicitly set the variable without relying on which of the two Docker images with the same tag you’re pulling down, and you’re using a Dockerfile to add on to make your own Solr Docker image, add these lines: # Add option to mitigate log4j security vulnerab

[ANNOUNCEMENT] Solr's Docker images were updated to remediate a CVE

2021-12-12 Thread David Smiley
Apache Solr's Docker images were updated some hours ago with a simple remediation to avoid the Log4j 2 vulnerability[1] that many of you are becoming aware of -- Log4j 2 CVE-2021-44228. Just a "docker pull solr:tagVersionYouUse" (e.g. 8.11 or whatever) will update it for you. The remediation in t