Thursday, February 20, 2025

[USN-7283-1] Apache Solr vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEKl1CaPno2Qy4/AU8lFzKVeTWQe4FAme3zVYFAwAAAAAACgkQlFzKVeTWQe65
RA/8Czm9/J9pG7CgqVZSsVPvX3SPn2soJyl3v3W7hwHkroRz5YLsCvCdCipt6X1T8fnjGLfFeCua
CjNfw9It3cRuxrs7bIPgeDcUPxyufSGFoBQnyUmkv15ZarAUmJv8HLsVXV9tmRAoMrEszEpG4Gy+
+dwJP9weHXpIxziqjauqrDQgifN2qYcQ9UXZjfBN7D7z3WY4sOgb/apJOj9FOC+bG2uTozEXg/ye
T4zHqWGbvDYNBnjjP/vYegjLtOWhG6d7R2TMZ9O8bRmTDrZu8lOEqKUUD8LE82dX9k4zTvCZNL4/
3AHOabP5Q7shukEa2ZI27f/TiZgFIA+7pDN09HYZqH+GWjccCMpWxVsHnhScsqybDOniodSRr8L0
//czpHK01X54GuX+ahHbpGOyJ5hnfSijpMaRGdFYq6v5fFQy5iPeti4NIstaqn0Cxr39S8Q5YIEk
w5tG7ZsCIyMSClq/w2vw32zJoZP7Ww+5HDPVxlo5jktAOC1kBEMqsGM5eIr7VJ+OihMOK60H4faN
yuatQO9XQppjBlGhi4zdvOdUR1CmhQL9Z1U46vcJHbzvZ4ERK13gWtO0Bgsg+kf/oiRBFC1x5kwR
mYqtPFR4ZJxO3wmK4jnYPEowxUnQw6WQBLMXLPhBaFE2Dy3Z3LwUHnPy5xYtL1/eNCcuMtiPTVg5
DJs=
=y9vA
-----END PGP SIGNATURE----- 

==========================================================================  Ubuntu Security Notice USN-7283-1  February 21, 2025    lucene-solr vulnerability  ==========================================================================    A security issue affects these releases of Ubuntu and its derivatives:    - Ubuntu 18.04 LTS  - Ubuntu 16.04 LTS  - Ubuntu 14.04 LTS    Summary:    Apache Solr could be made to execute arbitrary code if it received  specially crafted input.    Software Description:  - lucene-solr: Full-text search engine library for Java    Details:    It was discovered that the Apache Solr DataImportHandler module incorrectly  handled certain request parameters in a default configuration. A remote  attacker could possibly use this issue to execute arbitrary code.    Update instructions:    The problem can be corrected by updating your system to the following  package versions:    Ubuntu 18.04 LTS    liblucene3-contrib-java         3.6.2+dfsg-18~18.04.1~esm2                                    Available with Ubuntu Pro    liblucene3-java                 3.6.2+dfsg-18~18.04.1~esm2                                    Available with Ubuntu Pro    libsolr-java                    3.6.2+dfsg-18~18.04.1~esm2                                    Available with Ubuntu Pro    Ubuntu 16.04 LTS    liblucene3-contrib-java         3.6.2+dfsg-8ubuntu0.1+esm1                                    Available with Ubuntu Pro    liblucene3-java                 3.6.2+dfsg-8ubuntu0.1+esm1                                    Available with Ubuntu Pro    libsolr-java                    3.6.2+dfsg-8ubuntu0.1+esm1                                    Available with Ubuntu Pro    Ubuntu 14.04 LTS    liblucene3-contrib-java         3.6.2+dfsg-2ubuntu0.1~esm4                                    Available with Ubuntu Pro    liblucene3-java                 3.6.2+dfsg-2ubuntu0.1~esm4                                    Available with Ubuntu Pro    libsolr-java                    3.6.2+dfsg-2ubuntu0.1~esm4                                    Available with Ubuntu Pro    In general, a standard system update will make all the necessary changes.    References:    https://ubuntu.com/security/notices/USN-7283-1    CVE-2019-0193

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)