A security issue with jmatio, a library for parsing Matlab files and included in Tika, lead to security advisory CVE-2016-6809 which has just been announced to the Solr community (click me).

The documentation in this module assumes users use Tika 1.4 which contains the vulnerability. Maybe we could advise users to upgrade to Tika 1.6 which contains the fix.

Versions of Solr affected:
Solr 5.0.0 to 5.5.4
Solr 6.0.0 to 6.6.1
Solr 7.0.0 to 7.0.1

Mitigation:
Users are advised to upgrade to either Solr 5.5.5 or Solr 6.6.2 or Solr 7.1.0
releases which have fixed this vulnerability.

Comments

fengtan created an issue. See original summary.

fengtan’s picture

Status: Active » Needs review
StatusFileSize
new1.33 KB

  • izus committed ef88efd on 7.x-1.x authored by fengtan
    Issue #2918998 by fengtan, izus: Warn about Tika security vulnerability...
izus’s picture

Status: Needs review » Fixed

merged
Thanks

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.