Apache Solr官网安全更新（2023-10-15）

15 October 2023, Apache Solr™ 9.4.0 available

<br/> <br/> The Solr PMC is pleased to announce the release of Apache Solr 9.4.0.<br/>Solr is the popular, blazing fast, open source NoSQL search platform from the Apache Solr project. Its major features include powerful full-text search, hit highlighting, faceted search, dynamic clustering, database integration, rich document handling, and geospatial search. Solr is highly scalable, providing fault tolerant distributed search and indexing, and powers the search and navigation features of many of the world&#39;s largest internet sites.<br/>Solr 9.4.0 is available for immediate download at:<br/>https://solr.apache.org/downloads.html<br/>Solr 9.4.0 Release Highlights:<br/><br/>The Lucene version used by Solr has been upgraded to 9.8 – see its release notes.<br/>The Jetty version has been updated to 10.0.17 to address CVE-2023-44487<br/>Added support for node-level caches<br/>Circuit Breakers available for Update Requests<br/>A new Circuit breaker for percentage of CPU utilization is added. The former &#34;CPU&#34; circuit breaker is now more correctly named LoadAverageCircuitBreaker as it trips on system load average which is not a percentage.<br/>Solr now includes an always-on trace id generator. This will inject trace id headers for every Solr request, propagating the client supplied value or generating a new id as needed and replaces the existing rid mechanism.<br/>Solr now limits the number of concurrent expensive core operations (such as &#34;backup&#34;, &#34;restore&#34;, and &#34;split&#34;) that are submitted asynchronously by running them in a dedicated thread pool.<br/>Added support of OAuth 2.0/OIDC &#39;code with PKCE&#39; flow<br/>Multiple bug fixes for TLS and mTLS<br/><br/>Please refer to the Upgrade Notes in the Solr Ref Guide for information on upgrading from previous Solr versions:<br/>https://solr.apache.org/guide/solr/9_4/upgrade-notes/solr-upgrade-notes.html<br/>Please read CHANGES.txt for a full list of new features, changes and bugfixes:<br/>https://solr.apache.org/9_4_0/changes/Changes.html<br/>

Apache Solr 是一个开源的搜索服务器。Solr 使用 Java 语言开发，主要基于 HTTP 和 Apache Lucene 实现。Apache Solr 中存储的资源是以 Document 为对象进行存储的。每个文档由一系列的 Field 构成，每个 Field 表示资源的一个属性。

<p><a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487">CVE-2023-44487</a></p>

暂无

暂无

https://lucene.apache.org/solr/news.html