You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2021/12/24 07:19:23 UTC
[ofbiz-framework] branch release18.12 updated: Fixed: [SECURITY] Update TIka because of Apache Log4j2 vulnerability (OFBIZ-12474)
This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release18.12 by this push:
new e5b5075 Fixed: [SECURITY] Update TIka because of Apache Log4j2 vulnerability (OFBIZ-12474)
e5b5075 is described below
commit e5b50751269aef89d958fb0683275f14562e9a6c
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Fri Dec 24 08:15:19 2021 +0100
Fixed: [SECURITY] Update TIka because of Apache Log4j2 vulnerability (OFBIZ-12474)
Apache Tika 1.28 contains a migration to log4j2 (2.17.0) from log4j
as well as several other dependency upgrades. Details can be found in
the changes file:
https://www.apache.org/dist/tika/1.28/CHANGES-1.28.txt
---
build.gradle | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/build.gradle b/build.gradle
index 0190033..3cf4982 100644
--- a/build.gradle
+++ b/build.gradle
@@ -196,8 +196,8 @@ dependencies {
compile 'org.apache.pdfbox:pdfbox:2.0.24'
compile 'org.apache.shiro:shiro-core:1.4.0'
compile 'org.apache.sshd:sshd-core:1.7.0'
- compile 'org.apache.tika:tika-core:1.26'
- compile 'org.apache.tika:tika-parsers:1.26'
+ compile 'org.apache.tika:tika-core:1.28'
+ compile 'org.apache.tika:tika-parsers:1.28'
compile 'org.apache.tomcat:tomcat-catalina-ha:9.0.54'
compile 'org.apache.tomcat:tomcat-catalina:9.0.54'
compile 'org.apache.tomcat:tomcat-jasper:9.0.54'