Thanks, but I tried to access the mentioned issues of https://lucene.apache.org/solr/6_6_2/changes/Changes.html
https://issues.apache.org/jira/browse/SOLR-11477 https://issues.apache.org/jira/browse/SOLR-11482 I get something like "permissionViolation=true", even after login!!! Is SOLR going to be closed source? Do we have to pay for seeing the issues? ;-) Regards Bernd Am 18.10.2017 um 10:29 schrieb Ishan Chattopadhyaya: > 18 October 2017, Apache Solr™ 6.6.2 available > > The Lucene PMC is pleased to announce the release of Apache Solr 6.6.2 > > Solr is the popular, blazing fast, open source NoSQL search platform from > the > Apache Lucene project. Its major features include powerful full-text > search, > hit highlighting, faceted search and analytics, rich document parsing, > geospatial search, extensive REST APIs as well as parallel SQL. Solr is > enterprise grade, secure and highly scalable, providing fault tolerant > distributed search and indexing, and powers the search and navigation > features > of many of the world's largest internet sites. > > This release includes a critical security fix and a bugfix. Details: > > * Fix for a 0-day exploit (CVE-2017-12629), details: > https://s.apache.org/FJDl. > RunExecutableListener has been disabled by default (can be enabled by > -Dsolr.enableRunExecutableListener=true) and resolving external entities > in > the XML query parser (defType=xmlparser or {!xmlparser ... }) is disabled > by > default. > > * Fix a bug where Solr was attempting to load the same core twice (Error > message: > "Lock held by this virtual machine"). > > Furthermore, this release includes Apache Lucene 6.6.2 which includes one > security > fix since the 6.6.1 release. > > The release is available for immediate download at: > > http://www.apache.org/dyn/closer.lua/lucene/solr/6.6.2 > > Please read CHANGES.txt for a detailed list of changes: > > https://lucene.apache.org/solr/6_6_2/changes/Changes.html > > Please report any feedback to the mailing lists > (http://lucene.apache.org/solr/discussion.html) > > Note: The Apache Software Foundation uses an extensive mirroring > network for distributing releases. It is possible that the mirror you > are using may not have replicated the release yet. If that is the > case, please try another mirror. This also goes for Maven access. >
