lucene-solr (3.6.0+dfsg-1+deb7u4) wheezy-security; urgency=high

  * CVE-2018-1308: Prevent an issue where an XML external entity expansion
    (XXE) vulnerability could be used to to read arbitrary local files from the
    Solr server or the internal network. (Closes: #896604)

 -- Chris Lamb <lamby@debian.org>  Tue, 24 Apr 2018 10:29:21 +0200

lucene-solr (3.6.0+dfsg-1+deb7u3) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2017-12629: possible remote code execution by exploiting XXE. For
    security reasons the RunExecutableListener class was permanently removed.
  * Update debian/conf/solrconfig.xml and remove example configuration for.
    RunExecutableListener which had to be removed for security reasons.

 -- Markus Koschany <apo@debian.org>  Sun, 21 Jan 2018 20:09:22 +0100

lucene-solr (3.6.0+dfsg-1+deb7u2) wheezy-security; urgency=high

  * Non-maintainer upload by the Debian LTS team.
  * Fix FTBFS, add tomcat-coyote.jar to debian/build-jars
  * CVE-2017-3163: fix ReplicationHandler path traversal vulnerability

 -- Lucas Kanashiro <kanashiro@debian.org>  Fri, 21 Jul 2017 14:02:58 -0300

lucene-solr (3.6.0+dfsg-1+deb7u1) wheezy-security; urgency=low

  * CVE-2013-6397 CVE-2013-6407 CVE-2013-6408

 -- Moritz Muehlenhoff <jmm@debian.org>  Fri, 13 Jun 2014 17:55:09 +0000

lucene-solr (3.6.0+dfsg-1) unstable; urgency=low

  * Initial release. (Closes: #594027)

 -- James Page <james.page@ubuntu.com>  Tue, 29 May 2012 17:32:24 +0100
