You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2021/12/24 07:12:00 UTC

[jira] [Created] (OFBIZ-12474) [SECURITY] Update TIka because of Apache Log4j2 vulnerability

Jacques Le Roux created OFBIZ-12474:
---------------------------------------

             Summary: [SECURITY] Update TIka because of Apache Log4j2 vulnerability
                 Key: OFBIZ-12474
                 URL: https://issues.apache.org/jira/browse/OFBIZ-12474
             Project: OFBiz
          Issue Type: Bug
          Components: Gradle
    Affects Versions: 18.12.04, Upcoming Branch
            Reporter: Jacques Le Roux
            Assignee: Jacques Le Roux


The Apache Tika project is pleased to announce the release of Apache
Tika 1.28. The release contents have been pushed out to the main
Apache release site and to the Maven Central sync.

Apache Tika is a toolkit for detecting and extracting metadata and
structured text content from various documents using existing parser
libraries.

Apache Tika 1.28 contains a migration to log4j2 (2.17.0) from log4j
as well as several other dependency upgrades. Details can be found in
the changes file:
https://www.apache.org/dist/tika/1.28/CHANGES-1.28.txt

Apache Tika is available on the download page:
https://tika.apache.org/download.html

Apache Tika is also available in binary form or for use using Maven 2
from the Central Repository:
https://repo1.maven.org/maven2/org/apache/tika/

When downloading, please remember to verify the downloads using
signatures found: https://www.apache.org/dist/tika/KEYS

For more information on Apache Tika, visit the project home page:
https://tika.apache.org/

-- Tim Allison, on behalf of the Apache Tika community




--
This message was sent by Atlassian Jira
(v8.20.1#820001)