Re: Antw: Solr Image 8.11.2 susceptible to CVE-2021-31879 and GHSA-jgvc-jfgh-rjvv

2023-08-22 Thread Pieper, Stefan
Thanks a lot! That helps and is a true pain relief. From: Jan Høydahl Date: Tuesday, 22. August 2023 at 00:29 To: users@solr.apache.org Subject: Re: Antw: Solr Image 8.11.2 susceptible to CVE-2021-31879 and GHSA-jgvc-jfgh-rjvv Hi, The jose4j attack would affect the `jwt-auth` module, but only

Inquiry Regarding CVEs and Their Impact on Apache Solr 8.11.2

2023-08-22 Thread Tim Pfeifer (ext)
Dear Apache Solr Community, We are currently in the process of migrating to AWS Cloud, and as part of this transition, we scanned our existing Apache Solr 8.11.2 with AquaSec. Several critical security vulnerabilities have emerged from this scan. While many of the identified CVEs are already li

Re: Inquiry Regarding CVEs and Their Impact on Apache Solr 8.11.2

2023-08-22 Thread Jan Høydahl
Hi, It would be helpful if you instead of copy/pasting 10 CVE numbers, could break it up and list one by one with its title and summary, and why you have reason to worry that it is a problem for Solr. Then our team can consider each one you believe to be problematic, and decide whether we are

Re: Inquiry Regarding CVEs and Their Impact on Apache Solr 8.11.2

2023-08-22 Thread Mark Bennett
Hi Guys, One of the cool things Lucidworks did was to publish AND REPEATEDLY UPDATE all the CVE stuff. In addition to supporting their own Fusion product, Lucid also does quite a bit of Solr work and communications. If you go on the public support site (no login needed), you can just search for

Re: Inquiry Regarding CVEs and Their Impact on Apache Solr 8.11.2

2023-08-22 Thread Colvin Cowie
Those CVEs all appear to relate to old Jackson versions. Solr 8.11.2 includes jackson 2.13.3 which is not affected by those CVEs. So I'm not sure why a scanner would even flag those CVEs, unless they're transitively referenced by other dependencies. On Tue, 22 Aug 2023 at 13:02, Mark Bennett wrot

What is this plugin? /v1/appconfiguration/

2023-08-22 Thread rajani m
Hi Solr Users, I see this error showing up in logs. What plugin is this referring to? Any solution to resolve this? 2023-08-21 11:18:10.273 ERROR (qtp1725062057-26751) [] o.a.s.a.V2HttpCall Error in init() => org.apache.solr.common.SolrException: Could not load plugin at /v1/appconfiguration/ at

solrj client memory leak via ThreadLocal in solrj.impl.Http2SolrClient?

2023-08-22 Thread Tim Funk
I've tried to switch from the 8.X to 9.3 solrj client library. At the same time - I switched to Http2SolrClient since the other was marked deprecated. We use the client in the pattern ... try (SolrClient client = createSolrClient()) { response = client.query(solrQuery); // do stuff with respo

Re: solrj client memory leak via ThreadLocal in solrj.impl.Http2SolrClient?

2023-08-22 Thread Chris Hostetter
I suspect the source of this problem is either something low level in the jetty HttpClient cleanup code ( which Solr should already be correctly cleaning up on Http2SolrClient.close() ) or it's some nuance of how your 'createSolrClient()' method is implemented that creates an edge case

Standalone SOLR upgrade to 9.2.1 | data import handler | DIH

2023-08-22 Thread Surya K
Hi all, We are planning on upgrading our SOLR application to version 9.2.1 while doing a POC - I was made aware that DIH, the data import handler, is longer supported from 9.x versions. We use DIH extensively to index HTTP feeds, this is very critical for us. As I was looking for DIH packages I c

Re: solrj client memory leak via ThreadLocal in solrj.impl.Http2SolrClient?

2023-08-22 Thread Tim Funk
End of message is the getSolrClient() . (We have a different core per language). Also using http 1_1 since we have apache(http) reverse proxy in front of solr in non-prod tiers and haproxy load balancing in production. As I was testing earlier (after initial question), there doesn't seem to be a

Re: Standalone SOLR upgrade to 9.2.1 | data import handler | DIH

2023-08-22 Thread Eric Pugh
I think now is a really good time to move to Solr Cloud. If you are only running a single node, well, then running embedded ZK is just fine. It opens the door to many new features. > On Aug 22, 2023, at 3:03 PM, Surya K wrote: > > Hi all, > > We are planning on upgrading our SOLR applicat

Re: Standalone SOLR upgrade to 9.2.1 | data import handler | DIH

2023-08-22 Thread Surya K
Yeah ok, but we have master/replica architecture for our standalone, zk might complicate things? On Tue, Aug 22, 2023 at 3:54 PM Eric Pugh wrote: > I think now is a really good time to move to Solr Cloud. If you are only > running a single node, well, then running embedded ZK is just fine.

Re: Standalone SOLR upgrade to 9.2.1 | data import handler | DIH

2023-08-22 Thread Eric Pugh
Yeah, if you are using leader/follower architecture, then maybe you want a small solrcloud setup. We do need to work on our “from single node, to 3 nodes, to more than 3 nodes” progression/recommendations. > On Aug 22, 2023, at 5:40 PM, Surya K wrote: > > Yeah ok, but we have master/replica

Re: solrj client memory leak via ThreadLocal in solrj.impl.Http2SolrClient?

2023-08-22 Thread Shawn Heisey
On 8/22/23 11:06, Tim Funk wrote: I've tried to switch from the 8.X to 9.3 solrj client library. At the same time - I switched to Http2SolrClient since the other was marked deprecated. We use the client in the pattern ... try (SolrClient client = createSolrClient()) { response = client.query

Re: What is this plugin? /v1/appconfiguration/

2023-08-22 Thread Shawn Heisey
On 8/22/23 08:59, rajani m wrote: I see this error showing up in logs. What plugin is this referring to? Any solution to resolve this? 2023-08-21 11:18:10.273 ERROR (qtp1725062057-26751) [] o.a.s.a.V2HttpCall Error in init() => org.apache.solr.common.SolrException: Could not load plugin at /v1

Re: What is this plugin? /v1/appconfiguration/

2023-08-22 Thread rajani m
You are right, it is a custom configuration, thank you Shawn. On Tue, Aug 22, 2023 at 7:06 PM Shawn Heisey wrote: > On 8/22/23 08:59, rajani m wrote: > > I see this error showing up in logs. What plugin is this referring to? > Any > > solution to resolve this? > > > > 2023-08-21 11:18:10.273 E