![]() We therefore decided to start pinning not only Java release, but also Linux release in our official Docker images. Other subtle ways, as well as breaking downstream images using us as a base image. Having a "floating" linux release like this can also break the image in With Docker client versions before 20.10.16. This was not our desire, and we have learnt that due to this, our image is no longer compatible It would pull Ubuntu 20.04 (Focal Fossa), but at the end of May, it was auto upgraded to the brand new UbuntuĢ2.04 (Jammy Jellyfish). However, the base image tag 17-jre did not give us pinning to a specific Ubuntu Linux major release.Īt the time of Solr 9 release on May 12th If you pull the docker image from time to time that is. Thus, we are pinned to Java 17 and Solr'sĭocker image will thus always use an updated Java 17 version. ![]() Solr 9 was released on May 12th, using the eclipse-temurin:17-jre base image. 20 October 2022, Solr Docker images now pin the Linux release While openjdk:11-jre uses Debian GNU/Linux 11 (bullseye), the eclipse-temurin:11-jre-focal image uses Ubuntu 20.04.5 LTS (Focal Fossa).įurthermore, there is now no difference between the solr:11-jre and solr:11-jre-slim images, because our new vendor only offers one variant which is fairly slim already. However, if you use our image as base image and rely on specific tools to be present, you may need to adapt. For most users there will be no issues, as it is mainly a new distribution of the same upstream OpenJDK version. Users should be aware that on your next docker pull solr:8.11.2 you will be upgraded. ![]() This is the same vendor as we use for our Solr 9 image, and their JDK11 support lasts until October 2024. We chose Eclipse Temurin from the Adoptium project. Since Solr 8.11 is still being supported by the Apache Solr project, we needed to switch to another OpenJDK vendor with JDK11 support. However, due to Oracle's new release policies, they now no longer provide support for JDK11. The official docker image for Solr 8.11 has been running on Oracle OpenJDK 11 JRE. 20 October 2022, Solr 8 Docker image changes to Eclipse Temurin JDK a option you will need to provide the JVM flag mentioned above in addition to the other flags you are setting. The Docker image uses the -a option to set this java flag when running Solr, so if you are using the If you run Solr 9 with the official Docker image, we have already pushed an updated Docker image to Docker Hub that will inject the flag for you. Bin/solr -a "-XX:CompileCommand=exclude.cache.BoundedLocalCache::put" For information on H3C's security emergency response service and H3C product vulnerabilities, please visit. H3C advocates that every effort be made to safeguard the ultimate interests of product users, to abide by principles of responsible disclosure of security incidents, and to handle product security issues in accordance with security issues mechanisms. security emergency response external service Set access whitelist, only allow trusted IP to access Solr APIģ. To use identity authentication, please refer to the link for details: ģ. If the ConfigSets API is not used in the environment, you can disable the UPLOAD command, =false, refer to the link for details: Ģ. If you cannot upgrade, you can use the patch in the SOLR-14663 announcement, refer to the link: ġ. Apache Solr has officially fixed the vulnerability in the new version. Modify the parameters in the configuration file to cause remote code execution and obtain server permissions.ĪpacheSolr 6.6.0 - 6.6.5\ApacheSolr 7.0.0 - 7.7.3\ApacheSolr 8.0.0 - 8.6.2ġ. A remote attacker can use this vulnerability to combine the UPLOAD/CREATE commands to achieve unauthorized operations. If you upload configuration files through the ConfigSet API without authentication, Apache Solr will disable some dangerous functions that can be used for remote code execution by default. Recently, the Xinhua Three Offensive and Defense Laboratory monitored that Apache officially updated a notice about fixing the file upload vulnerability of Apache Solr Configset API, and carried out tracking and analysis. At present, many companies use Solr to implement their search and navigation functions. It supports REST-like API interfaces, provides distributed indexing, centralized configuration and other functions. Apache Solr is an enterprise-level search platform developed in Java and implemented based on Apache Lucene. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |