Debian Bug report logs - #867712
lucene-solr: CVE-2017-3163
Package: src:lucene-solr;
Maintainer for src:lucene-solr is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 8 Jul 2017 20:51:01 UTC
Severity: important
Tags: security, ...
Apache Solr could be made to run programs if it received
specially crafted network traffic ...
Two vulnerabilities have been found in Solr, a search server based on
Lucene, which could result in the execution of arbitrary code or
path traversal.
For the oldstable distribution (jessie), these problems have been fixed
in version 362+dfsg-5+deb8u1.
For the stable distribution (stretch), these problems have been fixed in
version 362+dfsg-10+ ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update on RHEL 6
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Com ...
Synopsis
Important: Red Hat JBoss Data Grid 711 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Data Grid 711 is now available for download from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabil ...
Synopsis
Critical: EAP Continuous Delivery Technical Preview Release 12 security update
Type/Severity
Security Advisory: Critical
Topic
This is a security update for JBoss EAP Continuous Delivery 120. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerabil ...
Synopsis
Important: eap7-jboss-ec2-eap security update
Type/Severity
Security Advisory: Important
Topic
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 70 for Red Hat Ent ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as ...
Synopsis
Moderate: rh-java-common-lucene5 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for rh-java-common-lucene5 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scor ...
Synopsis
Moderate: rh-java-common-lucene security update
Type/Severity
Security Advisory: Moderate
Topic
An update for rh-java-common-lucene is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scorin ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 70 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A ...
Synopsis
Critical: Red Hat Process Automation Manager 7132 security update
Type/Severity
Security Advisory: Critical
Topic
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gi ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7 for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having ...
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API ...