git: c0f35eb18159 - 2021Q4 - textproc/apache-solr: disable format lookup for log4j
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 13 Dec 2021 15:11:52 UTC
The branch 2021Q4 has been updated by mfechner:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c0f35eb18159608517a8012fe7f36a8f0617fe8f
commit c0f35eb18159608517a8012fe7f36a8f0617fe8f
Author: Matthias Fechner <mfechner@FreeBSD.org>
AuthorDate: 2021-12-13 15:04:44 +0000
Commit: Matthias Fechner <mfechner@FreeBSD.org>
CommitDate: 2021-12-13 15:11:42 +0000
textproc/apache-solr: disable format lookup for log4j
As recommended here:
https://solr.apache.org/news.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
disable lookup that opens a security vulnerability with log4j < 2.15.0.
This is a mitigation for CVE-2021-44228.
PR: 260373
(cherry picked from commit 7604d31e30b4c523981eb3fd1b41cc5697f94a26)
---
textproc/apache-solr/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/textproc/apache-solr/Makefile b/textproc/apache-solr/Makefile
index 003e52dda678..1648d1e7f32a 100644
--- a/textproc/apache-solr/Makefile
+++ b/textproc/apache-solr/Makefile
@@ -2,6 +2,7 @@
PORTNAME= apache-solr
PORTVERSION= 8.11.0
+PORTREVISION= 1
CATEGORIES= textproc java
MASTER_SITES= APACHE/lucene/solr/${PORTVERSION}
DISTNAME= solr-${PORTVERSION}
@@ -47,7 +48,7 @@ do-install:
${ECHO} 'SOLR_LOGS_DIR="/var/log/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
${ECHO} 'SOLR_PORT="8983"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
${ECHO} 'SOLR_PID_DIR="/var/db/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
- ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
+ ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost -Dlog4j2.formatMsgNoLookups=true"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
${MKDIR} ${STAGEDIR}/var/db/solr
${MKDIR} ${STAGEDIR}/var/log/solr