textproc/apache-solr: disable format lookup for log4j
As recommended here: https://solr.apache.org/news.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 disable lookup that opens a security vulnerability with log4j < 2.15.0. This is a mitigation for CVE-2021-44228. PR: 260373
This commit is contained in:
parent
f1d86749b6
commit
7604d31e30
|
@ -2,6 +2,7 @@
|
|||
|
||||
PORTNAME= apache-solr
|
||||
PORTVERSION= 8.11.0
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= textproc java
|
||||
MASTER_SITES= https://archive.apache.org/dist/lucene/solr/${PORTVERSION}/
|
||||
DISTNAME= solr-${PORTVERSION}
|
||||
|
@ -47,7 +48,7 @@ do-install:
|
|||
${ECHO} 'SOLR_LOGS_DIR="/var/log/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
|
||||
${ECHO} 'SOLR_PORT="8983"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
|
||||
${ECHO} 'SOLR_PID_DIR="/var/db/solr"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
|
||||
${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
|
||||
${ECHO} 'SOLR_OPTS="$$SOLR_OPTS -Djetty.host=localhost -Dlog4j2.formatMsgNoLookups=true"' >> ${STAGEDIR}${PREFIX}/etc/solr.in.sh.sample
|
||||
|
||||
${MKDIR} ${STAGEDIR}/var/db/solr
|
||||
${MKDIR} ${STAGEDIR}/var/log/solr
|
||||
|
|
Loading…
Reference in New Issue
Block a user