[SECURITY] [DSA 2963-1] lucene-solr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 2963-1] lucene-solr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 17 Jun 2014 21:32:03 +0200
Message-id: <[🔎] 20140617193203.GB3454@pisco.westfalen.local>
Reply-to: debian-security@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2963-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
June 17, 2014                          http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lucene-solr
CVE ID         : CVE-2013-6397 CVE-2013-6407 CVE-2013-6408

Multiple vulnerabilities were found in Solr, an open source enterprise 
search server based on Lucene, resulting in information disclosure or 
code execution.

For the stable distribution (wheezy), these problems have been fixed in
version 3.6.0+dfsg-1+deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 3.6.2+dfsg-2.

For the unstable distribution (sid), these problems have been fixed in
version 3.6.2+dfsg-2.

We recommend that you upgrade your lucene-solr packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJToJcRAAoJEBDCk7bDfE42E3UQAKOCygBPg5ax76/GjH+hfdSZ
vBcNWFFFAqHKByj5W5yWRZ9DQcZ2tHiVXiUez3IYxtQOASnAU+XKICRUECkIsV0w
anZXh5pB+awZUjmIMJnH1tSh0T4lAAMLan+ACtPuWTns2F9P9qXqFGl6S/eywgiD
bK/fMjbrzpxzwzUkpbTS5+rAYpfAiPHm0sdfiBWmKUB/9m18KstL4VD0PQKlOf4k
Yptm2jIw5AHtVzwG516CH8V1xHJ0p27iVUncJuLjh3f1g+UX5L8XvATkHk1EAAUg
o87fzFzAXc1mCAmWjE2zrW+7j3IFYWF6Qqwfql3WHmsNm7AGM9dmbpC6Z45+zv8O
AUPoq8LJ/67HQbpliOX5Jwmxd1dagg4KXp+Dmu2+ZnVtgvZ09h2X3A/ItxKkb8YK
bNxP/0IjxQnmZWHJT9hwoUAxcOMaqy7TjhJziX+QBQMwspPlEE1dq032wT3guvXg
QDwT/gvyCd9TWs67SqHEXdjvcQSl13l00q7reBTpqwDH150i4E9LkTpSaQ2JNmdt
4xliBbfg8XzbjJrBtRBCASf7hak8ZmCil7+M1d+bv3DOpMg80EBzMGS1eCYzx0hL
p3VQfawt1z5iEABsybSx99acUe/YD13iFvSZs3RaY7/2RWSPP1PqSwgCq1MCENZj
JvoOViJy/vJN1KbqBFIW
=JxaK
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 2962-1] nspr security update
Next by Date: [SECURITY] [DSA 2964-1] iodine security update
Previous by thread: [SECURITY] [DSA 2962-1] nspr security update
Next by thread: [SECURITY] [DSA 2964-1] iodine security update
Index(es):
- Date
- Thread