Hi, thanks for your replies
This change is a temporary change as we plan to upgrade to update Solr to Later
version soon along with sitecore. So we decided to work on a quick fix against
the recent vulnurability issue.
On another note, i already implemented the changes on the solr. I can see th
I did not double check the exact version you are using. My comment about
swapping libs with slf4j is valid in general.
However, you should be aware that both solr 6.x and log4j 1 are end of life and
vulnerable in other ways, so an upgrade should be considered anyway.
SiteCore can likely be made
On 12/30/2021 1:39 AM, Iqrar Aminullah wrote:
Hi, We are User of Solr 6.6.3 along with Sitecore. Currently my team decided to
remove the log4j 1.2.17 in Solr 6.6.3 to mitigate the recent vulnerability
issues. I created a Jira ticket, but David Smiley told me to send an email
instead.
As Walt
Solr 6.6.3 and log4j 1.2.17 are not vulnerable. You do not need to change
anything.
wunder
Walter Underwood
wun...@wunderwood.org
http://observer.wunderwood.org/ (my blog)
> On Dec 30, 2021, at 12:39 AM, Iqrar Aminullah
> wrote:
>
>
> Hi, We are User of Solr 6.6.3 along with Sitecore. Curre
> Hi, We are User of Solr 6.6.3 along with Sitecore. Currently my team decided
> to remove the log4j 1.2.17 in Solr 6.6.3 to mitigate the recent vulnerability
> issues. I created a Jira ticket, but David Smiley told me to send an email
> instead.
>
> We tried to remove the Log4j library and pla
