Known Issues in Apache Solr
This topic describes known issues and workarounds for using Solr in this release of Cloudera Runtime.
Technical Service Bulletins
- TSB 2022-535: Ranger audit retention settings in Solr are not honored
- The audits present in the ranger_audits collection in the Solr service of Data Lake do not get deleted based on the retention period set. The default retention period is 90 days.
This is caused by the incorrect order of processors in the configuration (solrconfig.xml) used by the ranger_audits collection.
- Knowledge article
- For the latest update on this issue see the corresponding Knowledge article: TSB 2021-535: Ranger audit retention settings in Solr are not honored.
- TSB 2021-497: CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler
- The Apache Solr ReplicationHandler (normally registered at "/replication" under a Solr core) has a "masterUrl" (also "leaderUrl" alias) parameter. The “masterUrl” parameter is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To help prevent the CVE-2021-27905 SSRF vulnerability, Solr should check these parameters against a similar configuration used for the "shards" parameter.
- Knowledge article
- For the latest update on this issue see the corresponding Knowledge article: TSB 2021-497: CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler
