diff options
author | Matthias Fechner <mfechner@FreeBSD.org> | 2021-12-13 15:04:44 +0000 |
---|---|---|
committer | Matthias Fechner <mfechner@FreeBSD.org> | 2021-12-13 15:11:05 +0000 |
commit | 7604d31e30b4c523981eb3fd1b41cc5697f94a26 (patch) | |
tree | 7ae31ce872da5449d61766402851ee9eb47f4e4e | |
parent | f1d86749b6cf9e2b7d50b23a2c917db6093f1a91 (diff) | |
download | ports-7604d31e30b4c523981eb3fd1b41cc5697f94a26.tar.gz ports-7604d31e30b4c523981eb3fd1b41cc5697f94a26.zip |
textproc/apache-solr: disable format lookup for log4j
As recommended here:
https://solr.apache.org/news.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
disable lookup that opens a security vulnerability with log4j < 2.15.0.
This is a mitigation for CVE-2021-44228.
PR: 260373
-rw-r--r-- | textproc/apache-solr/Makefile | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/textproc/apache-solr/Makefile b/textproc/apache-solr/Makefile index fd8f252976af..39b17fd284a6 100644 --- a/textproc/apache-solr/Makefile +++ b/textproc/apache-solr/Makefile @@ -2,6 +2,7 @@ PORTNAME= apache-solr PORTVERSION= 8.11.0 +PORTREVISION= 1 CATEGORIES= textproc java MASTER_SITES= https://archive.apache.org/dist/lucene/solr/${PORTVERSION}/ DISTNAME= solr-${PORTVERSION} @@ -47,7 +48,7 @@ do-install: ${ECHO} 'SOLR_LOGS_DIR="/var/log/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${ECHO} 'SOLR_PORT="8983"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${ECHO} 'SOLR_PID_DIR="/var/db/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample - ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample + ${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost -Dlog4j2.formatMsgNoLookups=true"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample ${MKDIR} ${STAGEDIR}/var/db/solr ${MKDIR} ${STAGEDIR}/var/log/solr |