Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 13 Oct 2017 16:42:49 +0000 (UTC)
From:      Steve Wills <swills@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r452020 - head/security/vuxml
Message-ID:  <201710131642.v9DGgnDV094403@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: swills
Date: Fri Oct 13 16:42:49 2017
New Revision: 452020
URL: https://svnweb.freebsd.org/changeset/ports/452020

Log:
  Document solr issue

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Fri Oct 13 16:31:55 2017	(r452019)
+++ head/security/vuxml/vuln.xml	Fri Oct 13 16:42:49 2017	(r452020)
@@ -58,6 +58,35 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="e837390d-0ceb-46b8-9b32-29c1195f5dc7">
+    <topic>solr -- Code execution via entity expansion</topic>
+    <affects>
+      <package>
+	<name>apache-solr</name>
+	<range><ge>5.1</ge><le>6.6.1</le></range>
+	<range><ge>7.0.0</ge><le>7.0.1</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>Solr developers report:</p>
+	<blockquote cite="http://lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-td4358308.html">;
+	  <p>Lucene XML parser does not explicitly prohibit doctype declaration and expansion of external entities which leads to arbitrary HTTP requests to the local SOLR instance and to bypass all firewall restrictions.</p>
+	  <p>Solr "RunExecutableListener" class can be used to execute arbitrary commands on specific events, for example after each update query. The problem is that such listener can be enabled with any parameters just by using Config API with add-listener command.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>http://lucene.472066.n3.nabble.com/Re-Several-critical-vulnerabilities-discovered-in-Apache-Solr-XXE-amp-RCE-td4358308.html</url>;
+      <url>https://marc.info/?l=apache-announce&amp;m=150786685013286</url>;
+      <cvename>CVE-2017-12629</cvename>
+    </references>
+    <dates>
+      <discovery>2017-10-13</discovery>
+      <entry>2017-10-13</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="6dc3c61c-e866-4c27-93f7-ae50908594fd">
     <topic>jenkins -- multiple issues</topic>
     <affects>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710131642.v9DGgnDV094403>