Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add changes entries for CVE-2024-45772 and related commits

This commit is contained in:
Uwe Schindler 2024-09-30 17:26:09 +02:00
parent 5ce9f6edca
commit c991212da0
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lucene/CHANGES.txt
View File

@ -318,6 +318,12 @@ Build
======================== Lucene 9.12.0 =======================
Security Fixes
---------------------
* Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator - CVE-2024-45772
(Summ3r from Vidar-Team, Robert Muir, Paul Irwin)
API Changes
---------------------
@ -510,6 +516,8 @@ Other
* GITHUB#13720: Add float comparison based on unit of least precision and use it to stop test failures caused by float
summation not being associative in IEEE 754. (Alex Herbert, Stefan Vodita)
* Remove code triggering forbidden-apis regarding Java serialization. (Uwe Schindler, Robert Muir)
======================== Lucene 9.11.1 =======================
Bug Fixes