lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20140617193203.GB3454@pisco.westfalen.local>
Date: Tue, 17 Jun 2014 21:32:03 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 2963-1] lucene-solr security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2963-1                   security@...ian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
June 17, 2014                          http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lucene-solr
CVE ID         : CVE-2013-6397 CVE-2013-6407 CVE-2013-6408

Multiple vulnerabilities were found in Solr, an open source enterprise 
search server based on Lucene, resulting in information disclosure or 
code execution.

For the stable distribution (wheezy), these problems have been fixed in
version 3.6.0+dfsg-1+deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 3.6.2+dfsg-2.

For the unstable distribution (sid), these problems have been fixed in
version 3.6.2+dfsg-2.

We recommend that you upgrade your lucene-solr packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJToJcRAAoJEBDCk7bDfE42E3UQAKOCygBPg5ax76/GjH+hfdSZ
vBcNWFFFAqHKByj5W5yWRZ9DQcZ2tHiVXiUez3IYxtQOASnAU+XKICRUECkIsV0w
anZXh5pB+awZUjmIMJnH1tSh0T4lAAMLan+ACtPuWTns2F9P9qXqFGl6S/eywgiD
bK/fMjbrzpxzwzUkpbTS5+rAYpfAiPHm0sdfiBWmKUB/9m18KstL4VD0PQKlOf4k
Yptm2jIw5AHtVzwG516CH8V1xHJ0p27iVUncJuLjh3f1g+UX5L8XvATkHk1EAAUg
o87fzFzAXc1mCAmWjE2zrW+7j3IFYWF6Qqwfql3WHmsNm7AGM9dmbpC6Z45+zv8O
AUPoq8LJ/67HQbpliOX5Jwmxd1dagg4KXp+Dmu2+ZnVtgvZ09h2X3A/ItxKkb8YK
bNxP/0IjxQnmZWHJT9hwoUAxcOMaqy7TjhJziX+QBQMwspPlEE1dq032wT3guvXg
QDwT/gvyCd9TWs67SqHEXdjvcQSl13l00q7reBTpqwDH150i4E9LkTpSaQ2JNmdt
4xliBbfg8XzbjJrBtRBCASf7hak8ZmCil7+M1d+bv3DOpMg80EBzMGS1eCYzx0hL
p3VQfawt1z5iEABsybSx99acUe/YD13iFvSZs3RaY7/2RWSPP1PqSwgCq1MCENZj
JvoOViJy/vJN1KbqBFIW
=JxaK
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ