You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Nitin Gupta (Jira)" <ji...@apache.org> on 2022/09/27 03:16:00 UTC
[jira] [Commented] (OAK-9950) Upgrade tika to 1.26
[ https://issues.apache.org/jira/browse/OAK-9950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17609807#comment-17609807 ]
Nitin Gupta commented on OAK-9950:
----------------------------------
trunk [https://github.com/apache/jackrabbit-oak/commit/277829c198c9bdf583c7dcc06c96ce7f3f9d69b2]
> Upgrade tika to 1.26
> ---------------------
>
> Key: OAK-9950
> URL: https://issues.apache.org/jira/browse/OAK-9950
> Project: Jackrabbit Oak
> Issue Type: Task
> Reporter: Nitin Gupta
> Assignee: Nitin Gupta
> Priority: Major
>
> BDSA-2021-0824 (CVE-2021-28657)
> A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.
> Used in:
> - [https://github.com/apache/jackrabbit-oak/blob/trunk/oak-parent/pom.xml]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)