Hi Razvan,
Have you looked at https://solr.apache.org/security.html yet? Some of the
CVE's in your list are already listed there. If you could eliminate the
CVE's from your list that are already dealt with on that page then you
might get more attention. As it stands, you seem to be asking us to do
> Any news on this?
>
> We know some of them are covered in
> https://solr.apache.org/security.html#cve-reports-for-apache-solr-dependencies
> but not all.
> We have also seen the
> https://lists.apache.org/thread/539bkq8r11msjpl3yo1ssvy77kmdrps7
> Can we have a resolution for the above?
What
Any news on this?
From: Razvan Bolocan
Sent: Thursday, February 9, 2023 12:11 PM
To: users@solr.apache.org
Subject: SOLR security scan question
Hi,
We are using SOLR 8.11.2 both classic and containerised/docker.
We have an internal security scanner and it contains multiple types
Hi Razvan,
We maintain a forked branch of Solr 8.11.2 that fixes , I think, all of
these. We also publish a container for that. If you're interested to
learn more, let me know.
Best,
-Kevin
https://kmwllc.com
On Thu, Feb 9, 2023 at 7:37 AM Razvan Bolocan
wrote:
> Hi,
>
>
