[arch-commits] Commit in solr/trunk (PKGBUILD solr-8.11.0-CVE-2021-44228.patch)

David Runge dvzrv at gemini.archlinux.org
Thu Dec 16 20:34:11 UTC 2021 

    Date: Thursday, December 16, 2021 @ 20:34:11
  Author: dvzrv
Revision: 1074626

upgpkg: solr 8.11.1-1: Upgrade to 8.11.1.

This version is not affected by CVE-2021-45046 anymore as log4j 2.16.0 is now
included, which also makes the previous hotfix for CVE-2021-44228 redundant.

Modified:
  solr/trunk/PKGBUILD
Deleted:
  solr/trunk/solr-8.11.0-CVE-2021-44228.patch

----------------------------------+
 PKGBUILD                         |   17 +++++++----------
 solr-8.11.0-CVE-2021-44228.patch |   14 --------------
 2 files changed, 7 insertions(+), 24 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2021-12-16 20:31:50 UTC (rev 1074625)
+++ PKGBUILD	2021-12-16 20:34:11 UTC (rev 1074626)
@@ -1,8 +1,8 @@
 # Maintainer: David Runge <dvzrv at archlinux.org>
 
 pkgname=solr
-pkgver=8.11.0
-pkgrel=2
+pkgver=8.11.1
+pkgrel=1
 pkgdesc="Open source enterprise search platform built on Apache Lucene"
 arch=(any)
 url="https://lucene.apache.org/solr/"
@@ -23,20 +23,17 @@
   "${pkgname}.service"
   "${pkgname}.sysusers"
   "${pkgname}.tmpfiles"
-  "${pkgname}-8.11.0-CVE-2021-44228.patch"
 )
-sha512sums=('cf40198276e5e282287bd7d96ba4f89df8d54b9542b960e82763ba06e63c070d33cc49a90efd4fd4f33177c1af5e656f7038d20bce64c1dd0bc71faf8309e7ad'
+sha512sums=('99619e5295b06b08625f849af67b634a17c75a3593625a9890fa34f9850413290c4557d6ed6f070a55a53eed0761df0405b365fa824b0b834e1ab33a6cda0b9a'
             'SKIP'
             'd9a5dcc7a30bf449abf9028bc4aa88e196c953d82b884661ec3191d4a06ec50b106c01ecdcd225e3526ab4f4ce5634d6dcd4a03f1e128fdd4c26febb1b742532'
             '06e5e40b96d2b6668790e4b166fc2867b9e694a2c72fd57eec702526e009b8b0495acbe16a5a27e259827477f4783ce87742f1f806254d8a2baec23b0b317058'
-            '97252d1ba1e4e211a6b5a038981cbc9d6663a0d7a980b23484f838eebb2f8194571a3f34ea6b92ed0efd4b7f862e020b5e3e8478ad1de1c6832e232d0b20ff6d'
-            'da1efd3ea810a941ce1020f6b17f894c686b56370af2a839a6aa6c7b45fecf508212eb081f2f9c231a4910be9d4bb8db3abef080bd42e88b4383e1a27c4a8792')
-b2sums=('6b3741d78a1abbe78209801bf37789d0c2cb667cf0546021a198b05c38041d60530d57db30bbac79e52aa2ec75be126d9c30516efcbfde7337d02a8ab81bd5d5'
+            '97252d1ba1e4e211a6b5a038981cbc9d6663a0d7a980b23484f838eebb2f8194571a3f34ea6b92ed0efd4b7f862e020b5e3e8478ad1de1c6832e232d0b20ff6d')
+b2sums=('52f557a3c5f1828486cc67774903eba8937d08662425737f72eb395009018fb084d7310def8e21c1c566f7ce4bee8ec6497dc51195de2820d54c32feb4dcc343'
         'SKIP'
         'f970329fad0358cb19af9b9337047612d5949af8aea2dc7acd6c8424ba494644940d22f46b98a9cf1362ea2e5d966b863907de35e7c0edc2e48f7b0ed00473b7'
         '60ff37059a4ab8362551518d56ee105e7d19199727605d5ad6f3236bd31dde1cc5fa37ffa37009820ee3115da36ae64df4754454cef1db51d1c13cac039245cb'
-        '37ab5d9af1da1178fcc58ce39654fdecb842b24d4e2264a2eec95c10223e7d003f27a6b2957a267a17ce0fa72258d96642d5b909963576a5a7d13e4e05c47a51'
-        '7f44bfff492d40bfcfc3f080dae98c00658794fd262f5d56425d70bb6c52c9d3e3fb9d9bbd0d6f9683bc461ad106826803e7d1fac8686b15d3e56aa8505d4a69')
+        '37ab5d9af1da1178fcc58ce39654fdecb842b24d4e2264a2eec95c10223e7d003f27a6b2957a267a17ce0fa72258d96642d5b909963576a5a7d13e4e05c47a51')
 # list of trusted signing keys: https://downloads.apache.org/lucene/KEYS
 validpgpkeys=('2085660D9C1FCCACC4A479A3BF160FF14992A24C'  # Ishan Chattopadhyaya <ishan at apache.org>
               'E58A6F4D5B2B48AC66D5E53BD4F181881A42F9E6'  # Ignacio Vera (CODE SIGNING KEY) <ivera at apache.org>
@@ -50,11 +47,11 @@
               'FBC25D7E1712025294FE66590A6AA179B9BBF45E'  # Timothy Potter (CODE SIGNING KEY) <thelabdude at apache.org>
               '9722F25F650057E26C803B60A6D064D833B3A969'  # Mayya Sharipova (CODE SIGNING KEY) <mayya at apache.org>
               'E6E21FFCDCEA14C95910EA65051A0FAF76BC6507'  # Adrien Grand (CODE SIGNING KEY) <jpountz at apache.org>
+              '3558857D1F5754B78C7F8B5A71A45A3D0D8D0B93'  # Jan Høydahl (CODE SIGNING KEY) <janhoy at apache.org>
 )
 
 prepare() {
   cd "$pkgname-$pkgver"
-  patch -Np1 -i ../"${pkgname}-8.11.0-CVE-2021-44228.patch"
   ant ivy-bootstrap
   rm -rvf "${pkgname}/bin/init.d"
 }

Deleted: solr-8.11.0-CVE-2021-44228.patch
===================================================================
--- solr-8.11.0-CVE-2021-44228.patch	2021-12-16 20:31:50 UTC (rev 1074625)
+++ solr-8.11.0-CVE-2021-44228.patch	2021-12-16 20:34:11 UTC (rev 1074626)
@@ -1,14 +0,0 @@
-diff -ruN a/solr/bin/solr.in.sh b/solr/bin/solr.in.sh
---- a/solr/bin/solr.in.sh	2021-11-09 14:07:56.000000000 +0100
-+++ b/solr/bin/solr.in.sh	2021-12-12 01:08:21.406732722 +0100
-@@ -100,6 +100,10 @@
- #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000"
- #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=60000"
- 
-+# fix log4j as solr 8.11.1 has not been released:
-+# https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
-+SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
-+
- # Location where the bin/solr script will save PID files for running instances
- # If not set, the script will create PID files in $SOLR_TIP/bin
- #SOLR_PID_DIR=

More information about the arch-commits mailing list