Upgrade Solr version for ckan-solr9 to solve security vulnerabilities

[drentawc]

I was wondering if the ckan-solr:2.10-solr9 docker image could be updated to use the newest Apache Solr version (9.7.0) to solve two active security vulnerability found here: https://nvd.nist.gov/vuln/detail/CVE-2024-45216 & https://nvd.nist.gov/vuln/detail/CVE-2024-45217.

Apache Solr has upgraded their own base docker image (latest, slim, and 9) to use this new version rather than the 9.5.0 version that the ckan-solr9 is using.

[drentawc]

@amercader I was able to clone this repo, and use the Makefile to build a new version of the ckan-solr image locally. Since solr has updated their solr-9 image to properly use 9.7.0, this solves the vulnerability issue I was facing. I tried pushing this image change to the docker hub so that other users could use the newer solr version but I did not have the correct docker hub permissions. Would you be able to push this newer docker image to the ckan-solr docker hub? Thank you in advance

[amercader]

@drentawc Sorry I missed this, absolutely, we'll update the images and push new versions asap.

[drentawc]

No worries at all, thank you for updating those images for me!

[amercader]

Images are updated now to Solr 9.7. There are now tags available that include the Solr minor version:

    ckan/ckan-solr:2.11-solr9.7
    ckan/ckan-solr:2.11-solr9.7-spatial
    ckan/ckan-solr:2.10-solr9.7
    ckan/ckan-solr:2.10-solr9.7-spatial

If for some reason someone still needs the previous Solr version (9.5) there are also tags for it:

    ckan/ckan-solr:2.11-solr9.5
    ckan/ckan-solr:2.11-solr9.5-spatial
    ckan/ckan-solr:2.10-solr9.5
    ckan/ckan-solr:2.10-solr9.5-spatial