Fixed: Update Solr and Lucene to address several CVEs (including Log4j) (OFBIZ-12464) Solr and Lucene 8.11.1 are now available in Maven Central

commit: 305f2c5abbb5534d127d5e76e8948c233857d1ad [log] [tgz]
author: Jacques Le Roux <jacques.le.roux@les7arts.com> Sat Dec 18 17:01:56 2021 +0100
committer: Jacques Le Roux <jacques.le.roux@les7arts.com> Sat Dec 18 17:02:51 2021 +0100
tree: e8b33e2765b8a507422555cc1450524c83ddf01c
parent: f000c69a0d11fb42f4817dc744a01e6a638551d3 [diff]
diff --git a/lucene/build.gradle b/lucene/build.gradle
index d905758..300ea96 100644
--- a/lucene/build.gradle
+++ b/lucene/build.gradle

@@ -20,7 +20,7 @@
     // 1. Remember to change the version LUCENE_VERSION in SearchWorker class when upgrading.
     // 2. luceneMatchVersion should be updated in solrconfig.xml
     // 3. Also Solr et Lucene should use the same version, 
-    pluginLibsCompile 'org.apache.lucene:lucene-core:8.11.0'
-    pluginLibsCompile 'org.apache.lucene:lucene-queryparser:8.11.0'
-    pluginLibsCompile 'org.apache.lucene:lucene-analyzers-common:8.11.0'
+    pluginLibsCompile 'org.apache.lucene:lucene-core:8.11.1'
+    pluginLibsCompile 'org.apache.lucene:lucene-queryparser:8.11.1'
+    pluginLibsCompile 'org.apache.lucene:lucene-analyzers-common:8.11.1'
 }

diff --git a/lucene/src/main/java/org/apache/ofbiz/content/search/SearchWorker.java b/lucene/src/main/java/org/apache/ofbiz/content/search/SearchWorker.java
index f88d6d8..c61a680 100644
--- a/lucene/src/main/java/org/apache/ofbiz/content/search/SearchWorker.java
+++ b/lucene/src/main/java/org/apache/ofbiz/content/search/SearchWorker.java

@@ -41,7 +41,7 @@
 
     public static final String module = SearchWorker.class.getName();
 
-    private static final Version LUCENE_VERSION = Version.LUCENE_8_11_0;
+    private static final Version LUCENE_VERSION = Version.LUCENE_8_11_1;
 
     private SearchWorker() {}
 

diff --git a/solr/build.gradle b/solr/build.gradle
index a97cc78..06ca6f6 100644
--- a/solr/build.gradle
+++ b/solr/build.gradle

@@ -20,7 +20,7 @@
     // 1. Remember to change the version LUCENE_VERSION in SearchWorker class when upgrading.
     // 2. luceneMatchVersion should be updated in solrconfig.xml
     // 3. Also Solr et Lucene should use the same version, 
-    pluginLibsCompile 'org.apache.solr:solr-core:8.11.0'
+    pluginLibsCompile 'org.apache.solr:solr-core:8.11.1'
     pluginLibsCompile 'com.google.guava:guava:28.0-jre'
 }
 

diff --git a/solr/home/solrdefault/conf/solrconfig.xml b/solr/home/solrdefault/conf/solrconfig.xml
index f597685..b9e8e06 100644
--- a/solr/home/solrdefault/conf/solrconfig.xml
+++ b/solr/home/solrdefault/conf/solrconfig.xml

@@ -35,7 +35,7 @@
        that you fully re-index after changing this setting as it can
        affect both how text is indexed and queried.
   -->
-  <luceneMatchVersion>8.11.0</luceneMatchVersion>
+  <luceneMatchVersion>8.11.1</luceneMatchVersion>
 
   <!-- <lib/> directives can be used to instruct Solr to load any Jars
        identified and use them to resolve any "plugins" specified in
commit	305f2c5abbb5534d127d5e76e8948c233857d1ad	[log] [tgz]
author	Jacques Le Roux <jacques.le.roux@les7arts.com>	Sat Dec 18 17:01:56 2021 +0100
committer	Jacques Le Roux <jacques.le.roux@les7arts.com>	Sat Dec 18 17:02:51 2021 +0100
tree	e8b33e2765b8a507422555cc1450524c83ddf01c
parent	f000c69a0d11fb42f4817dc744a01e6a638551d3 [diff]