Google Git
Sign in
apache / lucene-site / refs/heads/asf-staging / . / output / news.html
blob: 3f70b80e303fc974f1a97ddf5b67b5f971b7c743 [file] [log] [blame]
<!doctype html>
<html>
<head>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE- 2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<link href="/theme/css/lucene/global.css?v=0e493d7a" rel="stylesheet" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<meta name="Distribution" content="Global"/>
<meta name="Robots" content="index,follow"/>
<script type="text/javascript" src="/theme/javascript/lucene/prototype.js?v=0e493d7a"></script>
<script type="text/javascript" src="/theme/javascript/lucene/effects.js?v=0e493d7a"></script>
<script type="text/javascript" src="/theme/javascript/lucene/slides.js?v=0e493d7a"></script>
<script src="https://www.apachecon.com/event-images/snippet.js"></script> <title>Apache Lucene - Lucene™ Project News</title>
<meta name="keywords"
content="apache, apache lucene, apache solr, solr, lucene
search, information retrieval, spell checking, faceting, inverted index,
open source"/> <meta property="og:type" content="website" />
<meta property="og:url" content="https://lucene.apache.org/news.html"/>
<meta property="og:title" content="Lucene™ Project News"/>
<meta property="og:description" content="You may also read Lucene news as ATOM feeds: TLP news feed. All news feed. Lucene core news feed."/>
<meta property="og:image" content="https://lucene.apache.org/theme/images/lucene/lucene_og_image.png?v=0e493d7a"/>
<meta property="og:image:secure_url" content="https://lucene.apache.org/theme/images/lucene/lucene_og_image.png?v=0e493d7a"/>
<link rel="shortcut icon" type="image/png"
href="/theme/images/lucene/lucene-favicon.png?v=0e493d7a"/> </head>
<body id="home">
<div id="wrap">
<div id="header">
<div id="logo" style="float:left">
<a href="/">
<img border="0" src="/theme/images/lucene/lucene_logo_green_300.png?v=0e493d7a" alt="Lucene Logo"/>
</a>
</div>
<!-- TODO: Search disabled as it does not work, 2021-02-21
<div id="search" style="float:right;zoom:1">
<form id="quick-search" method="GET" action="https://sematext.com/opensee/lucene" name="searchform">
<fieldset>
<input type="search" id="q" name="q" placeholder="Search with Apache Solr..." class="class1 class2 hint" accesskey="q">
</fieldset>
</form>
</div>-->
<div id="nav">
<ul>
<li><a href="/core/">Core (Java)</a></li>
<li><a class="last" href="/pylucene/index.html">PyLucene</a></li>
</ul>
</div>
<div id="slides">
<div class="slideshow" id="mantleSlides">
<div id="slide1" >
<div class="callout">
Ultra-fast Search Library<br/>
</div>
<div class="descwrapper"><div class="description">
Apache Lucene set the standard for search and indexing performance.
Lucene is the search core of both Apache Solr™ and Elasticsearch™.
</div></div>
<div class="mantle">
<img alt="Apache Lucene" src="/theme/images/lucene/tlp/mantle-lucene.png?v=0e493d7a"/>
</div>
</div>
<div id="slide2" style="display:none">
<div class="callout">
Proven search capabilities<br/>
</div>
<div class="descwrapper"><div class="description">
Our core algorithms along with the Solr search server power applications the world over, ranging
from mobile devices to sites like Twitter, Apple and Wikipedia.
</div></div>
<div class="mantle">
<img alt="Lucene Power" src="/theme/images/lucene/mantle-power.png?v=0e493d7a"/>
</div>
</div>
<div id="slide3" style="display:none">
<div class="callout">
Large, Vibrant community
</div>
<div class="descwrapper"><div class="description">
The goal of Apache Lucene is to provide world class search capabilities
</div></div>
<div class="mantle">
<img alt="Apache Mahout community" src="/theme/images/lucene/tlp/mantle-community.png?v=0e493d7a"/>
</div>
</div>
<div id="slide4" style="display:none">
<div class="callout">
Apache 2.0 licensed
</div>
<div class="descwrapper"><div class="description">
Apache Lucene is distributed under a commercially friendly Apache Software license
</div></div>
<div class="mantle">
<img alt="Apache Software Foundation" src="/theme/images/lucene/mantle-asf.png?v=0e493d7a"/>
</div>
</div> </div>
<div class="controls">
<a class="next" id="next" title="Next" href="#">Next</a>
<a class="previous" id="previous" title="Previous" href="#">Previous</a>
<a class="start" id="start" title="Start" href="#" style="display: none; ">Start</a>
<a class="stop" id="stop" title="Stop" href="#">Stop</a>
</div>
<script type="text/javascript">
function StartSlides() {
new Slides('mantleSlides');
}
document.observe('dom:loaded', StartSlides);
</script>
</div> <!-- End #slides -->
</div> <!-- End #header -->
<div id="content-wrap" class="clearfix">
<div id="main">
<div>
<h1 class="title">Lucene™ Project News</h1>
<p>You may also read Lucene news as ATOM feeds:</p>
<ul>
<li><a href="/feeds/news.atom.xml">TLP news feed</a>.</li>
<li><a href="/feeds/all.atom.xml">All news feed</a>.</li>
<li><a href="/feeds/core/news.atom.xml">Lucene core news feed</a>.</li>
</ul>
</div>
<div>
<h2 id="new-mailing-lists">
6 September 2019 - New mailing lists
<a class="headerlink" href="#new-mailing-lists" title="Permanent link"></a>
</h2>
<p>The Lucene project has added two new announce mailing lists, <code>issues@lucene.apache.org</code> and <code>builds@lucene.apache.org</code>.
High-volume automated emails from our bug tracker, JIRA and GitHub will be moved from the <code>dev@</code> list to <code>issues@</code> and
automated emails from our Jenkins CI build servers will be moved from the <code>dev@</code> list to <code>builds@</code>.</p>
<p>This is an effort to reduce the sometimes overwhelming email volume on our main development mailing list and thus make it
easier for the community to follow important discussions by humans on the <code>dev@lucene.apache.org</code> list.</p>
<p>Everyone who wants to continue receiving these automated emails should sign up for one or both of the two new lists.
Sign-up instructions can be found on the <a href="https://lucene.apache.org/core/discussion.html">Lucene-java</a>
and <a href="https://lucene.apache.org/solr/community.html#mailing-lists-irc">Solr</a> web sites.</p>
<h2 id="please-secure-your-apache-solr-servers-since-a-zero-day-exploit-has-been-reported-on-a-public-mailing-list">
12 October 2017 - Please secure your Apache Solr servers since a zero-day exploit has been reported on a public mailing list
<a class="headerlink" href="#please-secure-your-apache-solr-servers-since-a-zero-day-exploit-has-been-reported-on-a-public-mailing-list" title="Permanent link"></a>
</h2>
<p>Please secure your Solr servers since a zero-day exploit has been
reported on a <a href="https://s.apache.org/FJDl">public mailing list</a>.
This has been assigned a public CVE (CVE-2017-12629) which we
will reference in future communication about resolution and mitigation
steps.</p>
<p>Here is what we're recommending and what we're doing now:</p>
<ul>
<li>
<p>Until fixes are available, all Solr users are advised to restart their
Solr instances with the system parameter <code>-Ddisable.configEdit=true</code>.
This will disallow any changes to be made to configurations via the
Config API. This is a key factor in this vulnerability, since it allows
GET requests to add the RunExecutableListener to the config. This is
sufficient to protect you from this type of attack, but means you cannot
use the edit capabilities of the Config API until the other fixes
described below are in place. Users are also advised to remap
the XML Query Parser to another parser to mitigate the XXE
vulnerability. For example, adding the following to the solrconfig.xml
file maps the <code>xmlparser</code> to the <code>edismax</code> parser:
<code>&lt;queryParser name="xmlparser" class="solr.ExtendedDismaxQParserPlugin"/&gt;</code>.</p>
</li>
<li>
<p>A new release of Lucene/Solr was in the vote phase, but we have now
pulled it back to be able to address these issues in the upcoming 7.1
release. We will also determine mitigation steps for users on earlier
versions, which may include a 6.6.2 release for users still on 6.x.</p>
</li>
<li>
<p>The RunExecutableListener will be removed in 7.1. It was previously
used by Solr for index replication but has been replaced and is no
longer needed.</p>
</li>
<li>
<p>The XML Parser will be fixed and the fixes will be included in the 7.1
release.</p>
</li>
<li>
<p>The 7.1 release was already slated to include a change to disable the
<code>stream.body</code> parameter by default, which will further help protect
systems.</p>
</li>
</ul>
<h2 id="recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations">
18 August 2014 - Recommendation to update Apache POI in Apache Solr 4.8.0, 4.8.1, and 4.9.0 installations
<a class="headerlink" href="#recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations" title="Permanent link"></a>
</h2>
<p>Apache Solr versions 4.8.0, 4.8.1, 4.9.0 bundle Apache POI 3.10-beta2 with its binary release tarball.
This version (and all previous ones) of Apache POI are vulnerable to the following issues:
CVE-2014-3529 <em>(XML External Entity (XXE) problem in Apache POI's OpenXML parser)</em>,
CVE-2014-3574 <em>(XML Entity Expansion (XEE) problem in Apache POI's OpenXML parser)</em>.</p>
<p>The Apache POI PMC released a bugfix version (3.10.1) today.</p>
<p>Solr users are affected by these issues, if they enable the "Apache Solr Content Extraction Library (Solr Cell)"
contrib module from the folder "contrib/extraction" of the release tarball.</p>
<p>Users of Apache Solr are strongly advised to keep the module disabled if they don't use it.
Alternatively, users of Apache Solr 4.8.0, 4.8.1, or 4.9.0 can update the affected libraries by
replacing the vulnerable JAR files in the distribution folder. Users of previous versions have
to update their Solr release first, patching older versions is impossible.</p>
<p>For detailed instructions, see <a href="/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations">Solr's News</a></p>
<h2 id="open-relevance-sub-project-closed">
11 June 2014 - Open Relevance sub-project closed
<a class="headerlink" href="#open-relevance-sub-project-closed" title="Permanent link"></a>
</h2>
<p>The Apache Lucene Project Management Committee decided in a vote,
that the Apache Lucene sub-project "Open Relevance" will be discontinued. There was only modest activity during the last
years and the project made no releases. Thank you to all committers for their support in this project!</p>
<h2 id="apache-lucene-48-and-apache-solr-48-will-require-java-7">
12 March 2014 - Apache Lucene 4.8 and Apache Solr 4.8 will require Java 7
<a class="headerlink" href="#apache-lucene-48-and-apache-solr-48-will-require-java-7" title="Permanent link"></a>
</h2>
<p>The Apache Lucene/Solr committers decided with a large majority on the vote to require <strong>Java 7</strong> for the next minor release of Apache Lucene and Apache Solr (version 4.8)!</p>
<p>The next release will also contain some improvements for Java 7:</p>
<ul>
<li>
<p>Better file handling (especially on Windows) in the directory implementations. Files can now be deleted on windows, although the index is still open - like it was always possible on Unix environments (delete on last close semantics).</p>
</li>
<li>
<p>Speed improvements in sorting comparators: Sorting now uses Java 7's own comparators for integer and long sorts, which are highly optimized by the Hotspot VM.</p>
</li>
</ul>
<p>If you want to stay up-to-date with Lucene and Solr, you should upgrade your infrastructure to Java 7.
Please be aware that you must use at least use Java 7u1.
The recommended version at the moment is Java 7u25. Later versions like 7u40, 7u45,... have a bug causing index corrumption.
Ideally use the Java 7u60 prerelease, which has fixed this bug. Once 7u60 is out, this will be the recommended version.
In addition, there is no more Oracle/BEA JRockit available for Java 7, use the official Oracle Java 7.
JRockit was never working correctly with Lucene/Solr (causing index corrumption), so this should not be an issue.
Please also review our list of JVM bugs: <a href="http://wiki.apache.org/lucene-java/JavaBugs">http://wiki.apache.org/lucene-java/JavaBugs</a></p>
<p><em>EDIT (as of 15 April 2014):</em> The recently released Java 7u55 fixes the above bug causing index corrumption.
This version is now the recommended version for running Apache Lucene and Solr.</p>
</div>
</div>
<div id="sidebar">
<div class="button-green">
<a href="/core/downloads.html">Download</a>
<div class="flap top">Click to</div>
<div class="flap bottom">Apache Lucene 9.10.0</div>
</div>
<div class="download-desc">Apache Lucene 9.10.0</div>
<h1 id="projects">Projects<a class="headerlink" href="#projects" title="Permanent link"></a></h1>
<ul>
<li><a href="/core/">Lucene Core (Java)</a></li>
<li><a href="/pylucene/">PyLucene</a></li>
<li><a href="/openrelevance/">Open Relevance (Discontinued)</a></li>
</ul>
<h1 id="about">About<a class="headerlink" href="#about" title="Permanent link"></a></h1>
<ul>
<li><a href="https://www.apache.org/licenses/">License</a></li>
<li><a href="/whoweare.html">Who We are</a></li>
<li><a href="/news.html">TLP News</a></li>
<li><a href="/code-of-conduct.html">Code of Conduct</a></li>
</ul>
<h1 id="events">Events<a class="headerlink" href="#events" title="Permanent link"></a></h1>
<ul>
<a class="acevent" data-format="square" data-mode="light" data-width="160" data-style="border: 1px solid lightgrey"></a>
</ul>
<h1 id="asf-links">ASF links<a class="headerlink" href="#asf-links" title="Permanent link"></a></h1>
<ul>
<li><a href="https://www.apache.org">Apache Software Foundation</a></li>
<li><a href="https://www.apache.org/foundation/thanks.html">Thanks</a></li>
<li><a href="https://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li>
<li><a href="https://www.apache.org/security/">Security</a></li>
</ul>
<h1 id="editing-this-site">Editing This Site<a class="headerlink" href="#editing-this-site" title="Permanent link"></a></h1>
<ul>
<li><a href="site-instructions.html">Instructions</a></li>
<li><a href="http://daringfireball.net/projects/markdown/syntax">Markdown</a></li>
</ul>
<h1 id="related-projects">Related Projects<a class="headerlink" href="#related-projects" title="Permanent link"></a></h1>
<ul>
<li><a href="https://solr.apache.org">Apache Solr</a></li>
<li><a href="http://hadoop.apache.org">Apache Hadoop</a></li>
<li><a href="http://manifoldcf.apache.org/">Apache ManifoldCF</a></li>
<li><a href="http://lucenenet.apache.org/">Apache Lucene.Net</a></li>
<li><a href="http://mahout.apache.org">Apache Mahout</a></li>
<li><a href="http://nutch.apache.org">Apache Nutch</a></li>
<li><a href="http://opennlp.apache.org/">Apache OpenNLP</a></li>
<li><a href="http://tika.apache.org">Apache Tika</a></li>
<li><a href="http://zookeeper.apache.org">Apache Zookeeper</a></li>
</ul> </div>
</div> <!-- End #content-wrap -->
<div id="footer">
<div class="copyright">
<p>
Copyright &copy; 2011-2024 The Apache Software Foundation, Licensed under
the <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>. <a href="/privacy.html">Privacy Policy</a> <br/>
Apache and the Apache feather logo are trademarks of The Apache Software Foundation. Apache Lucene, Apache Solr and their
respective logos are trademarks of the Apache Software Foundation. Please see the <a href="https://www.apache.org/foundation/marks/">Apache Trademark Policy</a>
for more information.
</p>
</div>
</div> </div> <!-- End #wrap -->
</body>
</html>