Ubuntu - Apache Solr vulnerability (2020-01-29)

USN-4259-1: Apache Solr vulnerability

Apache Solr vulnerability<br>A security issue affects these releases of Ubuntu and its derivatives:<br>Ubuntu 16.04 LTS<br>Summary<br>Apache Solr could be made to run programs if it received specially crafted network traffic.<br>Software Description<br>lucene-solr - Full-text search engine library for Java - additional libraries<br>Details<br>Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code.<br>Update instructions<br>The problem can be corrected by updating your system to the following package versions:<br>Ubuntu 16.04 LTS<br>liblucene3-contrib-java - 3.6.2+dfsg-8ubuntu0.1<br>liblucene3-java - 3.6.2+dfsg-8ubuntu0.1<br>libsolr-java - 3.6.2+dfsg-8ubuntu0.1<br>solr-common - 3.6.2+dfsg-8ubuntu0.1<br>solr-jetty - 3.6.2+dfsg-8ubuntu0.1<br>solr-tomcat - 3.6.2+dfsg-8ubuntu0.1<br>To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.<br>In general, a standard system update will make all the necessary changes.<br>References<br>CVE-2017-12629<br>]]&gt;

Ubuntu是一个以桌面应用为主的Linux操作系统

CVE-2017-12629

暂无

暂无

https://usn.ubuntu.com/4259-1/