[SOLR-16949] RCE via Backup/Restore APIs - Fix for all file extensions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 8.11.2
Fix Version/s: 8.11.3, 9.5, 9.4.1
Component/s: Backup/Restore
Labels:
None

Description

Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker.

Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SOLR-16949.patch
08/Nov/23 15:35
29 kB
Jan Høydahl
SOLR-16949-8_11.patch
19/Nov/23 23:58
26 kB
Jan Høydahl
SOLR-16949-8_11-1.patch
20/Nov/23 08:43
28 kB
Jan Høydahl
SOLR-16949-main-protect-lib.patch
06/Dec/23 22:37
15 kB
Houston Putman
SOLR-16949-main-protect-lib-1.patch
07/Dec/23 20:26
15 kB
Houston Putman
SOLR-16949-main-protect-lib-2.patch
08/Dec/23 16:40
16 kB
Houston Putman
SOLR-16949-8_11-2.patch
08/Dec/23 20:22
28 kB
Jan Høydahl
SOLR-16949-8_11-3.patch
12/Dec/23 19:47
29 kB
Jan Høydahl
SOLR-16949-1.patch
13/Dec/23 14:27
42 kB
Jan Høydahl
jenkins.log.txt.gz
15/Dec/23 14:37
39 kB
Jason Gerlowski
SOLR-16949-inputstream-leaks.patch
17/Dec/23 23:33
12 kB
Jan Høydahl

Issue Links

relates to

SOLR-17104 Protect lib directories from being writable

Open

supercedes

SOLR-16480 RCE via Backup/Restore APIs that allow for deployment of executables in malicious ConfigSets

Closed

Activity

People

Assignee:: Jan Høydahl

Reporter:: Jan Høydahl

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 24/Aug/23 09:42

Updated:: 09/Feb/24 16:45

Resolved:: 13/Dec/23 22:54