Version: 8.8.1, Package name: solr-8.8.1 |
Maintained by: Stuart Henderson |
Master sites:
|
Description Solr is a standalone enterprise search server with a REST-like API supporting JSON, XML, CSV or binary over HTTP for document addition and searches. |
Filesize: 191753.915 KB |
Version History (View Complete History) |
|
2021-02-23 07:40:58 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.8.1 |
2021-01-29 07:41:34 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to solr-8.8.0 |
2020-11-06 07:39:19 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to solr-8.7.0 |
2020-10-13 04:31:58 by Stuart Henderson | Files touched by this commit (1) |
Log message: MFC solr update; CVE-2020-13957 (though you shouldn't expose API anyway) |
2020-10-08 08:14:35 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.6.3 |
2020-09-01 16:05:11 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.6.2 |
2020-08-18 01:28:52 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.6.1 |
2020-07-20 06:30:10 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to solr-8.6.0 |
2020-07-11 16:54:41 by Stuart Henderson | Files touched by this commit (98) |
Log message: switch my maintainer email addresses to my own domain |
2020-06-01 07:44:41 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.5.2 |
2020-04-16 07:20:17 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.5.1 |
2020-03-19 13:19:23 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to solr-8.5.0 |
2020-01-15 09:45:13 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-8.4.1 |
2019-12-30 06:55:48 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to solr-8.4.0 |
2019-12-03 07:27:58 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to solr-8.3.1 |
2019-11-03 12:09:46 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to solr-8.3.0 |
2019-08-01 06:40:52 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-8.2.0 |
2019-06-10 18:38:36 by Kurt Miller | Files touched by this commit (57) |
Log message: Revision bump all java ports for the jre package removal and java.port.mk changes. |
2019-06-03 10:06:58 by Stuart Henderson | Files touched by this commit (153) |
Log message: s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/ and some light whitespace tidying in ports which I maintain |
2019-05-29 15:28:59 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-8.1.1 |
2019-05-15 02:18:34 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to solr-8.1.0 |
2019-03-21 07:15:35 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to solr-8.0.0 |
2019-02-11 04:31:54 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-7.7.0 |
2018-12-30 14:58:00 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to solr-7.6.0 |
2018-10-04 14:43:02 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-7.5.0, take maintainer |
2018-07-04 13:20:52 by Stuart Henderson | Files touched by this commit (1) |
Log message: bump to ensure -current version is > -stable version for future updates (plist/pkg_add changes mean the -current plist couldn't be copied directly to -stable) |
2018-07-04 13:19:50 by Stuart Henderson | Files touched by this commit (3) |
Log message: MFC solr update, in case anyone runs this open to the net .. (tip: don't!) CVE-2018-8026: XXE vulnerability due to Apache Solr configset upload (exchange rate provider config / enum field config / TIKA parsecontext) http://www.openwall.com/lists/oss-security/2018/07/04/2 |
2018-06-23 08:55:04 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to solr-7.4.0 |
2018-05-24 04:25:28 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-7.3.1, CVE-2018-8010: XXE vulnerability due to Apache Solr configset upload |
2018-05-24 04:24:37 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to solr-7.3.1, if you aren't restricting to local-only traffic then you probably want this .. CVE-2018-8010: XXE vulnerability due to Apache Solr configset upload |
2018-04-10 06:22:39 by Stuart Henderson | Files touched by this commit (4) |
Log message: security update to solr-7.3.0 CVE-2018-1308: XXE attack through Apache Solr's DIH's dataConfig request parameter This vulnerability relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. See [1] for more details. Mitigation: Users are advised to upgrade to either Solr 6.6.3 or Solr 7.3.0 releases both of which address the vulnerability. Once upgrade is complete, no other steps are required. Those releases disable external entities in anonymous XML files passed through this request parameter. If users are unable to upgrade to Solr 6.6.3 or Solr 7.3.0 then they are advised to disable data import handler in their solrconfig.xml file and restart their Solr instances. Alternatively, if Solr instances are only used locally without access to public internet, the vulnerability cannot be used directly, so it may not be required to update, and instead reverse proxies or Solr client applications should be guarded to not allow end users to inject `dataConfig` request parameters. |