There is work in progress on a 8.11.3 release, which will include Jetty 9.4.53.v20231009 which also is not vulnearble. Follow the dev-list for details on the progress of this release.
Jan > 27. okt. 2023 kl. 10:32 skrev Isabella Trevisan > <isabella.trevi...@infocamere.it.INVALID>: > > I read that version 9.4.0 mitigates this vulnerability but my version of > solr is 8.11.2. > Is there a workaround for version 8.11.2? > > Thank you > Regards > Isabella > > > Il giorno ven 27 ott 2023 alle ore 10:16 Isabella Trevisan < > isabella.trevi...@infocamere.it> ha scritto: > >> Sorry , I correct the CVE number CVE-2023-44487. >> >> Il giorno ven 27 ott 2023 alle ore 10:14 Isabella Trevisan < >> isabella.trevi...@infocamere.it> ha scritto: >> >>> Hi, >>> On October 10th, news of this vulnerability came out, which also >>> affected SolR. >>> On the Apache SolR Security news page it is not yet mentioned. >>> Can anyone provide me with some information on this vulnerability and >>> SolR ? >>> >>> Thank you >>> -- >>> Isabella Trevisan >>> >>
