You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Nitin Gupta (Jira)" <ji...@apache.org> on 2022/09/27 03:16:00 UTC

[jira] [Commented] (OAK-9950) Upgrade tika to 1.26

    [ https://issues.apache.org/jira/browse/OAK-9950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17609807#comment-17609807 ] 

Nitin Gupta commented on OAK-9950:
----------------------------------

trunk [https://github.com/apache/jackrabbit-oak/commit/277829c198c9bdf583c7dcc06c96ce7f3f9d69b2] 

> Upgrade tika to 1.26 
> ---------------------
>
>                 Key: OAK-9950
>                 URL: https://issues.apache.org/jira/browse/OAK-9950
>             Project: Jackrabbit Oak
>          Issue Type: Task
>            Reporter: Nitin Gupta
>            Assignee: Nitin Gupta
>            Priority: Major
>
> BDSA-2021-0824 (CVE-2021-28657)
> A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.
> Used in:
>  - [https://github.com/apache/jackrabbit-oak/blob/trunk/oak-parent/pom.xml]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)