-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 16 Aug 2020 15:56:26 +0200
Source: lucene-solr
Architecture: source
Version: 3.6.2+dfsg-20+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 lucene-solr (3.6.2+dfsg-20+deb10u2) buster; urgency=medium
 .
   * Team upload.
   * Fix CVE-2019-0193:
     The DataImportHandler, an optional but popular module to pull in data
     from databases and other sources, has a feature in which the whole DIH
     configuration can come from a request's "dataConfig" parameter. The debug
     mode of the DIH admin screen uses this to allow convenient debugging /
     development of a DIH config. Since a DIH config can contain scripts, this
     parameter is a security risk. Starting from now on, use of this parameter
     requires setting the Java System property "enable.dih.dataConfigParam" to
     true. For example this can be achieved with solr-tomcat by adding
     -Denable.dih.dataConfigParam=true to JAVA_OPTS in /etc/default/tomcat9.