diff options
| author | Matthias Fechner <mfechner@FreeBSD.org> | 2021-12-13 15:04:44 +0000 |
|---|---|---|
| committer | Matthias Fechner <mfechner@FreeBSD.org> | 2021-12-13 15:11:42 +0000 |
| commit | c0f35eb18159608517a8012fe7f36a8f0617fe8f (patch) | |
| tree | b6fa1f08606e566ef9e406e2d5e18ab0bf82ddb0 | |
| parent | d709612f9cd7130bc754efd6b05cb5b0f292fd0f (diff) | |
| download | ports-c0f35eb18159608517a8012fe7f36a8f0617fe8f.tar.gz ports-c0f35eb18159608517a8012fe7f36a8f0617fe8f.zip | |
textproc/apache-solr: disable format lookup for log4j
As recommended here:
https://solr.apache.org/news.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
disable lookup that opens a security vulnerability with log4j < 2.15.0.
This is a mitigation for CVE-2021-44228.
PR: 260373
(cherry picked from commit 7604d31e30b4c523981eb3fd1b41cc5697f94a26)
| -rw-r--r-- | textproc/apache-solr/Makefile | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/textproc/apache-solr/Makefile b/textproc/apache-solr/Makefile index 003e52dda678..1648d1e7f32a 100644 --- a/textproc/apache-solr/Makefile +++ b/textproc/apache-solr/Makefile @@ -2,6 +2,7 @@ PORTNAME= apache-solr PORTVERSION= 8.11.0 +PORTREVISION= 1 CATEGORIES= textproc java MASTER_SITES= APACHE/lucene/solr/${PORTVERSION} DISTNAME= solr-${PORTVERSION} @@ -47,7 +48,7 @@ do-install: ${ECHO} 'SOLR_LOGS_DIR="/var/log/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${ECHO} 'SOLR_PORT="8983"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${ECHO} 'SOLR_PID_DIR="/var/db/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample - ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample + ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost -Dlog4j2.formatMsgNoLookups=true"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${MKDIR} ${STAGEDIR}/var/db/solr ${MKDIR} ${STAGEDIR}/var/log/solr |