Date: Thu, 28 Nov 2013 23:55:17 -0500 (EST) From: David Jorm <djorm@...hat.com> To: oss-security <oss-security@...ts.openwall.com> Subject: CVE Request: Apache Solr XXE Hi All Apache Solr 4.3.1, 4.4, 5.0 resolves multiple XXE flaws, as described in the following bugs: https://issues.apache.org/jira/browse/SOLR-3895 https://issues.apache.org/jira/browse/SOLR-4881 I have confirmed that these issues can also be exploited on Apache Solr 3.6.2. Please assign a CVE ID for these XXE flaws (I think a single CVE ID is most appropriate). Thanks -- David Jorm / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.