Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
3.3.4
-
Reviewed
Description
Solr is used in hadoop-yarn-applications-catalog-webapp.
$ grep solr.version . -r ./hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-applications-catalog/hadoop-yarn-applications-catalog-webapp/pom.xml: <version>${solr.version}</version> ./hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-applications-catalog/hadoop-yarn-applications-catalog-webapp/pom.xml: <version>${solr.version}</version> ./hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-applications-catalog/hadoop-yarn-applications-catalog-webapp/pom.xml: <version>${solr.version}</version> ./hadoop-project/pom.xml: <solr.version>8.8.2</solr.version> $
Solr-8.8.2's log4j2 version is 2.13.2.
Solr-8.11.2's log4j2 version is 2.17.1 ( https://issues.apache.org/jira/browse/SOLR-15871 )
Should we update solr to 8.11.2 correspondingly?
Then maven will not try to download log4j2-2.13.2, which is forbidden by some maven repository.
Attachments
Issue Links
- is related to
-
HADOOP-19148 Update solr from 8.11.2 to 8.11.3 to address CVE-2023-50298
- Open
- links to