Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 27: 2017-9b3e2904bf High Severity Lucene Code Execution Risk

fedora
Calendar Grey November 11, 2017
Dist Fedora Esm H88
Important security update for Apache Lucene in Fedora 27 addresses critical exploit risk. Immediate upgrade is recommended.
Security fix for CVE-2017-12629

Summary

Apache Lucene is a high-performance, full-featured text search

engine library written entirely in Java. It is a technology suitable

for nearly any application that requires full-text search, especially

cross-platform.

Security fix for CVE-2017-12629

[ 1 ] Bug #1501529 - CVE-2017-12629 Solr: Code execution via entity expansion

https://bugzilla.redhat.com/show_bug.cgi?id=1501529

su -c 'dnf upgrade lucene' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 6.1.0
Release: 6.fc27
Summary: High-performance, full-featured text search engine

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.