[CVE-2017-12629] Upgrade Lucene to 5.5.5

This upgrade fixes CVE-2017-12629 [1]. Although this issue only affects Solr, according to the description, it's probably worth upgrading anyway since there have been several bug fixes in the intermediate versions. See the release notes for 5.5.2 [2], 5.5.4 [3] and 5.5.5 [4] for details. Note: there are no bug fixes listed for 5.5.3. The only reason we didn't upgrade to the latest version before is because we had a dependency on Elasticsearch which had a tight coupling with a specific Lucene version. [1] https://nvd.nist.gov/vuln/detail/CVE-2017-12629 [2] https://lucene.apache.org/core/5_5_2/changes/Changes.html#v5.5.2.bug_fixes [3] https://lucene.apache.org/core/5_5_4/changes/Changes.html#v5.5.4.bug_fixes [4] https://lucene.apache.org/core/5_5_5/changes/Changes.html#v5.5.5.bug_fixes Bug: Issue 9952 Change-Id: I776e2dc10c86dc6761a0a1ce6644ce5ac384509c
author: David Pursehouse <dpursehouse@collab.net> 2018-11-01 15:21:49 +0900
committer: David Pursehouse <dpursehouse@collab.net> 2018-11-05 10:00:39 +0900
commit: fb11ccf5072380899591c05416f557a11cabf6da (patch)
tree: 5961db48802e5bdd9be853ba486944f93822ee3f
parent: bb37eef53aa56af392a01a343888628eab0b49ee (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/WORKSPACE b/WORKSPACE
index 70c686b8a8..7de37b6afb 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -459,36 +459,36 @@ maven_jar(
     sha1 = "18a9a2ce6abf32ea1b5fd31dae5210ad93f4e5e3",
 )
 
-LUCENE_VERS = "5.5.2"
+LUCENE_VERS = "5.5.5"
 
 maven_jar(
     name = "lucene-core",
     artifact = "org.apache.lucene:lucene-core:" + LUCENE_VERS,
-    sha1 = "de5e5c3161ea01e89f2a09a14391f9b7ed66cdbb",
+    sha1 = "c34bcd9274859dc07cfed2a935aaca90c4f4b861",
 )
 
 maven_jar(
     name = "lucene-analyzers-common",
     artifact = "org.apache.lucene:lucene-analyzers-common:" + LUCENE_VERS,
-    sha1 = "f0bc3114a6b43f8e64a33c471d5b9e8ddc51564d",
+    sha1 = "e6b3f5d1b33ed24da7eef0a72f8062bd4652700c",
 )
 
 maven_jar(
     name = "backward-codecs",
     artifact = "org.apache.lucene:lucene-backward-codecs:" + LUCENE_VERS,
-    sha1 = "c5cfcd7a8cf48a0144b61fb991c8e50a0bf868d5",
+    sha1 = "d1dee5c7676a313758adb30d7b0bd4c69a4cd214",
 )
 
 maven_jar(
     name = "lucene-misc",
     artifact = "org.apache.lucene:lucene-misc:" + LUCENE_VERS,
-    sha1 = "37bbe5a2fb429499dfbe75d750d1778881fff45d",
+    sha1 = "bc0eb46ba0377594cac7b0cdaab35562d7877521",
 )
 
 maven_jar(
     name = "lucene-queryparser",
     artifact = "org.apache.lucene:lucene-queryparser:" + LUCENE_VERS,
-    sha1 = "8ac921563e744463605284c6d9d2d95e1be5b87c",
+    sha1 = "6c965eb5838a2ba58b0de0fd860a420dcda11937",
 )
 
 maven_jar(
author	David Pursehouse <dpursehouse@collab.net>	2018-11-01 15:21:49 +0900
committer	David Pursehouse <dpursehouse@collab.net>	2018-11-05 10:00:39 +0900
commit	fb11ccf5072380899591c05416f557a11cabf6da (patch)
tree	5961db48802e5bdd9be853ba486944f93822ee3f
parent	bb37eef53aa56af392a01a343888628eab0b49ee (diff)