Debian has issued an advisory on February 27: https://www.debian.org/security/2018/dsa-4124 I'm not sure if the solr package is also affected (it may be). Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Status comment: (none) => Patch available from Debian
Upstream has issued an advisory today (April 8) for a new security issue: http://openwall.com/lists/oss-security/2018/04/08/3
Status comment: Patch available from Debian => Patch available from Debian for first two CVEsSummary: solr3 new security issues CVE-2017-3163 and CVE-2017-12629 => solr3 new security issues CVE-2017-3163, CVE-2017-12629, and CVE-2018-1308
(In reply to David Walser from comment #1) > Upstream has issued an advisory today (April 8) for a new security issue: > http://openwall.com/lists/oss-security/2018/04/08/3 Debian has issued an advisory for this on May 6: https://www.debian.org/security/2018/dsa-4194
Status comment: Patch available from Debian for first two CVEs => Patches available from Debian
Upstream has issued an advisory today (February 12): https://www.openwall.com/lists/oss-security/2019/02/12/7
Severity: normal => criticalSummary: solr3 new security issues CVE-2017-3163, CVE-2017-12629, and CVE-2018-1308 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, and CVE-2018-1308
Upstream has issued an advisory on April 24: https://www.openwall.com/lists/oss-security/2019/04/24/1
Summary: solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, and CVE-2018-1308 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802
Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO
Upstream has issued an advisory on August 1: https://www.openwall.com/lists/oss-security/2019/08/01/1
Summary: solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193
Upstream has issued an advisory on September 9: https://www.openwall.com/lists/oss-security/2019/09/10/1
Summary: solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193, CVE-2019-12401
Whiteboard: MGA7TOO, MGA6TOO => MGA7TOOCC: (none) => mageia
Upstream has issued an advisory on August 14: https://www.openwall.com/lists/oss-security/2020/08/15/1
Summary: solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193, CVE-2019-12401 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193, CVE-2019-12401, CVE-2020-13941
(In reply to David Walser from comment #5) > Upstream has issued an advisory on August 1: > https://www.openwall.com/lists/oss-security/2019/08/01/1 Debian-LTS has issued an advisory for this on August 6: https://www.debian.org/lts/security/2020/dla-2327
not in cauldron anymore
Version: Cauldron => 7Whiteboard: MGA7TOO => (none)
Upstream has issued advisories on April 12: https://www.openwall.com/lists/oss-security/2021/04/12/2 https://www.openwall.com/lists/oss-security/2021/04/12/3 https://www.openwall.com/lists/oss-security/2021/04/12/4
Summary: solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193, CVE-2019-12401, CVE-2020-13941 => solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-11802, CVE-2019-0193, CVE-2019-12401, CVE-2020-13941, CVE-2021-27905, CVE-2021-29262, CVE-2021-29943
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Resolution: (none) => OLDStatus: NEW => RESOLVED