Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-12204

Upgrade commons-fileupload to address CVE-2016-1000031

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 7.2
    • 7.3.1, 7.4, 8.0
    • None
    • None

    Description

      Currently SOLR is using 1.3.2 version of commons-fileupload library which is susceptible to  CVE-2016-1000031. We should upgrade the this library to the latest version (1.3.3 at the time of writing) to mitigate the security risk.

      Attachments

        1. SOLR-12204.patch
          2 kB
          Steven Rowe
        2. SOLR-12204.patch
          2 kB
          Steven Rowe

        Issue Links

          relates to

          Task - A task that needs to be done. SOLR-13878 Update commons-fileupload to 1.4 to fix potential resource leak issue

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              sarowe Steven Rowe
              hgadre Hrishikesh Gadre
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: