Hi ,We are using Solr 7.7.3. How to apply fix for log4j third vulnerability
CVE-2021-45105 in Solr ?
Regards,
Hi ,We are using Solr 7.7.3. How to apply fix for log4j third vulnerability
CVE-2021-45105 in Solr ?
Regards,
Please refer below link.
https://solr.apache.org/security.html
On Sun, 19 Dec 2021 at 8:10 AM, Kashif Mumtaz
wrote:
> Hi ,We are using Solr 7.7.3. How to apply fix for log4j third
> vulnerability CVE-2021-45105 in Solr ?
> Regards,
>
>
>
Hi,
Thanks for the CISA github link.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
19 Dec 2021 Sunday
On Fri, 17 Dec 2021 at 17:13, Aman Tandon wrote:
>
> Hi,
>
> Please see the list of affected softwares in below github link, this might
> not be complete list.
https://solr.apache.org/security.html page is not mentioning anything about
CVE-2021-45105
On Sunday, December 19, 2021, 05:15:15 PM GMT+4, ANNAMANENI RAVEENDRA
wrote:
Please refer below link.
https://solr.apache.org/security.html
On Sun, 19 Dec 2021 at 8:10 AM, Kashif Mumtaz
wr
Read again. It is explicitly mentioned:
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
Jan Høydahl
> 19. des. 2021 kl. 18:16 skrev Kashif Mumtaz :
>
>
> https://solr.apache.org/security.html page is not mentioning anything about
> CVE-2021-45105
>
Solr's default logging config isn't vulnerable:
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
You'd have to go out of your way to configure logging to use such this
vulnerable mechanism, and that isn't likely for Solr users to do so.
~ David Smiley
Apach
Thanks for mentioning ! I was checking the subject line only before. It is
stating
Apache Solr releases are not vulnerable to the followup CVE-2021-45046 and
CVE-2021-45105..
On Sunday, December 19, 2021, 10:27:44 PM GMT+4, Jan Høydahl
wrote:
Read again. It is explicitly mentioned:
