Information on source package lucene-solr

Available versions

ReleaseVersion
stretch3.6.2+dfsg-10+deb9u2
stretch (security)3.6.2+dfsg-10+deb9u3
buster3.6.2+dfsg-20+deb10u2
bullseye3.6.2+dfsg-24
bookworm3.6.2+dfsg-24
sid3.6.2+dfsg-24

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-27905vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedfixedThe ReplicationHandler (normally registered at "/replication" under a ...
CVE-2020-13941vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedReported in SOLR-14515 (private) and fixed in SOLR-14561 (public), rel ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2019-17558vulnerablevulnerablevulnerablevulnerablevulnerableApache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ...
CVE-2017-3164vulnerablevulnerablevulnerablevulnerablevulnerableServer Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ...

Resolved issues

BugDescription
CVE-2021-29943When using ConfigurableInternodeAuthHadoopPlugin for authentication, A ...
CVE-2021-29262When starting Apache Solr versions prior to 8.8.2, configured with the ...
CVE-2020-13957Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 ...
CVE-2019-12409The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure settin ...
CVE-2019-12401Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are v ...
CVE-2019-0193In Apache Solr, the DataImportHandler, an optional but popular module ...
CVE-2019-0192In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ...
CVE-2018-11802In Apache Solr, the cluster can be partitioned into multiple collectio ...
CVE-2018-8026This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 re ...
CVE-2018-8010This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relat ...
CVE-2018-1308This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 rela ...
CVE-2017-12629Remote code execution occurs in Apache Solr before 7.1 with Apache Luc ...
CVE-2017-9803Apache Solr's Kerberos plugin can be configured to use delegation toke ...
CVE-2017-7660Apache Solr uses a PKI based mechanism to secure inter-node communicat ...
CVE-2017-3163When using the Index Replication feature, Apache Solr nodes can pull i ...
CVE-2015-8797Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plug ...
CVE-2015-8796Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/sche ...
CVE-2015-8795Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in ...
CVE-2014-3628Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stat ...
CVE-2013-6408The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does no ...
CVE-2013-6407The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remo ...
CVE-2013-6397Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...
CVE-2012-6612The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in A ...

Security announcements

DSA / DLADescription
DLA-2327-1lucene-solr - security update
DLA-1954-1lucene-solr - security update
DSA-4194-1lucene-solr - security update
DLA-1360-1lucene-solr - security update
DSA-4124-1lucene-solr - security update
DLA-1254-1lucene-solr - security update
DLA-1046-1lucene-solr - security update
DSA-2963-1lucene-solr - security update

Search for package or bug name: Reporting problems