You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@tika.apache.org by cahu <ca...@suse.de> on 2022/05/17 16:05:38 UTC

Question regarding CVE-2022-30126

Hi,

I have a question regarding CVE-2022-30126 as announced in [0]. 
Could you point me to the commit that fixes the CVE in Version 1.28.2?
I only found [1], which is only available in 2.4.0, which is why I was
wondering if that is the right fix. 

Thank you very much!

Kind regards,

Cathy Hu


[0] https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4
[1]
https://github.com/apache/tika/commit/83b0de4d60161ebd4bc224141a959ac8c18d95f4

-- 
Cathy Hu <ca...@suse.de>
Security Engineer
GPG: 5873 CFD1 8C0E A6D4 9CBB F6C4 062A 1016 1505 A08A

SUSE Software Solutions Germany GmbH
Frankenstrasse 146
90461 Nürnberg

Geschäftsführer: Ivo Totev, Andrew Myers, Andrew McDonald, Martje
Boudien Moerman (HRB 36809, AG Nürnberg)