Hi,
We have a requirement to update existing docs live within say 30s.
New docs updated depending on solrconfig autoSoftCommit.
As our dev team are finding this difficult to implement within our
middleware, I was thinking of writing an update processor as a
'post-processor' to add commitWithin (u
Hi,
We want to use rollback in SolrJ while autoSoftCommit and autoCommit are
open ,and we expect it works like a transaction in databases,but we found all
non-committed documents are rolled back after SolrClient#rollback
called.Although the rolled back documents can not be searched after rol
Hi ,
I am employing Java Web Project to incorporate Delta Import Handling
functionality of Solr with my Collection data objects. I could do
full-import of data to the configured collection via Solr UI, but let the
Java Web App do a routine Delta-Import functionality instructed via
Automated Java Th
Is the embedded Solr also affected by the log4j2 vulnerability? If yes: does
starting the embedded Solr server ( in a tomcat ) with
-Dlog4j2.formatMsgNoLookups=true mitigate the issue alike?
Our current Solr version is 8.8.2
Thx
Clemens
Hi,
As long as you have configured your application having the embedded Solr, to
use log4j for logging, and you pass user-entered queries to embedded Solr, then
yes, you are vulnerable. And yes, setting that property in the JVM running
(embedded) Solr should help. If your application uses anoth
Hello all
We are using Apache Solr 7.7.0, 8.7 and 8.9 on Windows and Linux environment.
What mitigation option do we need to take for this vulnerability?
Thank you in advance.
Regards
Manisha
Confidentiality Notice
This email message, including any attachments, is for th
> On Dec 14, 2021, at 9:00 AM, Manisha Rahatadkar
> wrote:
>
> We are using Apache Solr 7.7.0, 8.7 and 8.9 on Windows and Linux
> environment. What mitigation option do we need to take for this vulnerability?
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-20
When start Solr add to your env:
SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
On Tue, Dec 14, 2021 at 4:07 PM Andy Lester wrote:
>
>
> > On Dec 14, 2021, at 9:00 AM, Manisha Rahatadkar
> wrote:
> >
> > We are using Apache Solr 7.7.0, 8.7 and 8.9 on Windows and Linux
> environment.
Hi list,
we are running SolrCloud 6.6 and changing server (hardware).
Now I'm thinking about upgrading from Oracle Java 8 to OpenJDK 11.
Does Solr 6.6 run with OpenJDK 11, are there any known problems?
Regards Bernd
As far as I know changing the Java version does not solve the problem.
https://twitter.com/Laughing_Mantis/status/1470412026119798786
On Tue, Dec 14, 2021 at 4:09 PM Bernd Fehling <
bernd.fehl...@uni-bielefeld.de> wrote:
> Hi list,
>
> we are running SolrCloud 6.6 and changing server (hardware)
Hello all
We are using Apache Solr 7.7.0, 8.7 and 8.9 on Windows and Linux environment.
What mitigation option do we need to take for this vulnerability?
Where to get the log4j2? Can we just replace the log4j* files in
solr-8.7.0\server\lib\ext folder? Will it work?
https://solr.apache.org/sec
You can download log4j at https://logging.apache.org/log4j/2.x/download.html
When replacing the jar files, you will also need to restart your services.
On Tue, Dec 14, 2021 at 9:30 AM Manisha Rahatadkar <
manisha.rahatad...@anjusoftware.com> wrote:
> Hello all
>
>
>
> We are using Apache Solr 7
Rollback is not implemented for Solr Cloud clusters. We were using it for our
master/slave clusters, but had to rewrite to use a different approach when we
moved to Solr Cloud.
No, Solr does not have transactions. The rollback just cancels all submitted
updates (from any client) that have not b
On 2021-12-14 9:08 AM, Bernd Fehling wrote:
Hi list,
we are running SolrCloud 6.6 and changing server (hardware).
Now I'm thinking about upgrading from Oracle Java 8 to OpenJDK 11.
Does Solr 6.6 run with OpenJDK 11, are there any known problems?
IIRC it wasn't recommended back when oracle EOL
On 12/14/21 3:46 AM, Dan Rosher wrote:
We have a requirement to update existing docs live within say 30s.
New docs updated depending on solrconfig autoSoftCommit.
As our dev team are finding this difficult to implement within our
middleware, I was thinking of writing an update processor as a
'po
On 12/14/21 8:08 AM, Bernd Fehling wrote:
we are running SolrCloud 6.6 and changing server (hardware).
Now I'm thinking about upgrading from Oracle Java 8 to OpenJDK 11.
Does Solr 6.6 run with OpenJDK 11, are there any known problems?
It probably will not work without at least some changes to
unsubscribe
On Mon, Dec 13, 2021 at 8:53 AM Walter Underwood
wrote:
> Zookeeper 3.5.7 uses log4j 1.x, so is not vulnerable. I checked.
>
> wunder
> Walter Underwood
> wun...@wunderwood.org
> http://observer.wunderwood.org/ (my blog)
>
> > On Dec 13, 2021, at 6:20 AM, Michael Conrad wrote:
> >
Hi Vincenzo,
my question had nothing to do with log4j.
Thanks,
Bernd
Am 14.12.21 um 16:14 schrieb Vincenzo D'Amore:
As far as I know changing the Java version does not solve the problem.
https://twitter.com/Laughing_Mantis/status/1470412026119798786
On Tue, Dec 14, 2021 at 4:09 PM Bernd Fe
Hi Shawn,
unfortunately upgrading from Solr 6.x to 8.x is currently no solution.
I have several extensions and plugins developed like thesaurus for
26 European languages as selectable query extension, query pre- and
post-processing and so on.
Nevertheless, upgrading from Java 8 to OpenJDK 11 has
19 matches
Mail list logo
