Re: Log4J DoS Vulnerability: CVE-2021-45105

2022-02-24 Thread André Widhani
Please see https://solr.apache.org/security.html [https://solr.apache.org/theme/images/solr_og_image.png?v=4dd59757] Solr™ Security News - Apache Solr Solr ™ Security News¶ How to report a security issue. If you believe y

Facing Solr Issue - enable LTR on our instance of SOLR 8.1

2022-02-24 Thread Shailesh Randive
Hello, We have enable LTR on our instance of SOLR 8.1 . I have uploaded one catalog on local system and our QA environment and followed the standard process for enabling the feature on QA. We have followed below link for configuration: https://solr.apache.org/guide/8_1/learning-to-rank.html Whe

Re: Log4J DoS Vulnerability: CVE-2021-45105

2022-02-24 Thread Shawn Heisey
On 2/23/2022 9:25 PM, Ramila Herath wrote: Can this vulnerability to exploited in Solr 8.11.1? solr 8.11.1 has log4j 2.16 but I couldn’t find a log4j.properties files in the distribution setting a non-default layout pattern (with or without context lookup). Any idea when Solr would do a release