You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2020/03/23 11:45:00 UTC

[jira] [Created] (JAMES-3124) Recomend upgrading to Tika 1.24

Benoit Tellier created JAMES-3124:
-------------------------------------

             Summary: Recomend upgrading to Tika 1.24
                 Key: JAMES-3124
                 URL: https://issues.apache.org/jira/browse/JAMES-3124
             Project: James Server
          Issue Type: New Feature
            Reporter: Benoit Tellier


Prior 1.24, Tika is subject to 2 CVEs:

 - [CVE-2020-1951] Infinite Loop (DoS) vulnerability in Apache Tika's PSDParser
 - [CVE-2020-1950] Excessive memory usage (DoS) vulnerability in Apache Tika's PSDParser

We need to test & recommend the upgrade 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org