You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tika.apache.org by ti...@apache.org on 2022/07/09 03:54:13 UTC
[tika] branch main updated: TIKA-3795: add exclusion for jetty-io
This is an automated email from the ASF dual-hosted git repository.
tilman pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/main by this push:
new 0f5570691 TIKA-3795: add exclusion for jetty-io
0f5570691 is described below
commit 0f5570691133c75ac4472c3340354a6c4080b104
Author: Tilman Hausherr <ti...@apache.org>
AuthorDate: Sat Jul 9 05:54:05 2022 +0200
TIKA-3795: add exclusion for jetty-io
---
tika-parent/pom.xml | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index 69388e8c9..66cb2e556 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -828,6 +828,12 @@
<artifactId>commons-dbcp</artifactId>
<version>1.4</version>
</exclude>
+ <exclude>
+ <!-- CVE-2022-2191 applies to jetty 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 -->
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-io</artifactId>
+ <version>9.4.48.v20220622</version>
+ </exclude>
</excludeCoordinates>
<fail>true</fail>
</configuration>