Information on source package lucene-solr

Available versions

ReleaseVersion
jessie (security)3.6.2+dfsg-5+deb8u2
stretch (security)3.6.2+dfsg-10+deb9u2
buster3.6.2+dfsg-20
bullseye3.6.2+dfsg-20
sid3.6.2+dfsg-20

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-0193vulnerablevulnerablevulnerablevulnerablevulnerableIn Apache Solr, the DataImportHandler, an optional but popular module ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2017-3164vulnerablevulnerablevulnerablevulnerablevulnerableServer Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ...

Resolved issues

BugDescription
CVE-2019-0192In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ...
CVE-2018-8026This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 re ...
CVE-2018-8010This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relat ...
CVE-2018-1308This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 rela ...
CVE-2018-11802Rule-base Authorization plugin skips authorization if querying node does not have collection replica
CVE-2017-9803Apache Solr's Kerberos plugin can be configured to use delegation toke ...
CVE-2017-7660Apache Solr uses a PKI based mechanism to secure inter-node communicat ...
CVE-2017-3163When using the Index Replication feature, Apache Solr nodes can pull i ...
CVE-2017-12629Remote code execution occurs in Apache Solr before 7.1 with Apache Luc ...
CVE-2015-8797Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plug ...
CVE-2015-8796Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/sche ...
CVE-2015-8795Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in ...
CVE-2014-3628Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stat ...
CVE-2013-6408The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does no ...
CVE-2013-6407The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remo ...
CVE-2013-6397Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...
CVE-2012-6612The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in A ...

Security announcements

DSA / DLADescription
DSA-4194-1lucene-solr - security update
DSA-4194-1lucene-solr - security update
DLA-1360-1lucene-solr - security update
DSA-4124-1lucene-solr - security update
DSA-4124-1lucene-solr - security update
DLA-1254-1lucene-solr - security update
DLA-1046-1lucene-solr - security update
DSA-2963-1lucene-solr - security update

Search for package or bug name: Reporting problems