Comments (5)
rnewson
commented on September 26, 2024
1
Hi,
log4j 1.x is not vulnerable to any of the "Log4Shell" problems. As for the other CVE's they are if you choose to use certain features of log4j.
I don't have much time to spend on couchdb-lucene but I might look into this, and I'd be happy to review a patch.
The preferred fix is to switch to the latest version of Logback instead of log4j (https://logback.qos.ch/)
from couchdb-lucene.
rnewson
commented on September 26, 2024
1
log4j dependency removed on master branch.
from couchdb-lucene.
htiwari1986
commented on September 26, 2024
Hi @rnewson, Is there any plan to fix the log4j vulnerabilities in couchdb-lucene?
pom.xml log4j dependency is 1.2.14
from couchdb-lucene.
recaph
commented on September 26, 2024
@rnewson thats great.. are you expecting more changes on the master? And will the new changes be made available as a release?
from couchdb-lucene.
rnewson
commented on September 26, 2024
I'm not planning any development, just updating dependencies. I might cut a release once I've done some testing beyond just the test suite. If you want to try master and let me know if it works for you, that would really help.
from couchdb-lucene.
Related Issues (20)
- CouchDB 2.1.x and Lucene HOT 9
- Can not run CouchDB lucene version 2.1
- Error > httpd 500 error response: {"error":"unknown_error","reason":"undef"} after upgrade from 2.0.0 to 2.1.1
- zero fields indexed HOT 1
- indexing and querying numeric ranges HOT 1
- Bookmarks Usage HOT 2
- Configuration for CouchDB 2.3.0 HOT 6
- pillowtalk support HOT 1
- Does couchdb-lucene offer faceting features, like counts etc? HOT 2
- Autocomplete with couchdb-lucene
- java.io.IOException: Search timed out. HOT 1
- Installation on ubuntu does not work correctly
- Is it possible to configure SSL for couchdb-lucene?
- Sorting on string is not lexicographical HOT 1
- com.github.rnewson.couchdb.lucene.DocumentConverterTest: com.github.rnewson.couchdb.lucene.couchdb.CouchDocument@58c1c010 caused exception during conversion
- When will couchdb-lucene be available on Apple Silicon M1 ?
- couchdb-lucene stucks with indexing if attachment is docx, pptx, xlsx format HOT 1
- Possible to support stale=ok type options?
- Using proximity query as fuzzy search HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from couchdb-lucene.