You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tika.apache.org by ta...@apache.org on 2022/02/03 14:35:09 UTC
[tika] branch branch_1x updated: TIKA-3671 -- general upgrades with some security upgrades.
This is an automated email from the ASF dual-hosted git repository.
tallison pushed a commit to branch branch_1x
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/branch_1x by this push:
new ab950dc TIKA-3671 -- general upgrades with some security upgrades.
ab950dc is described below
commit ab950dccccb6741aa02af7af62da90bacd1f00f4
Author: tballison <ta...@apache.org>
AuthorDate: Thu Feb 3 09:34:54 2022 -0500
TIKA-3671 -- general upgrades with some security upgrades.
---
CHANGES.txt | 4 ++++
tika-parent/pom.xml | 2 +-
tika-parsers/pom.xml | 14 +++++++-------
tika-server/pom.xml | 2 +-
4 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/CHANGES.txt b/CHANGES.txt
index f3fe6d2..6967d6a 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,3 +1,7 @@
+Release 1.28.1 - ???
+ * Security upgrades: xerces, log4j2, junrar and protobuf
+ (TIKA-3671 and TIKA-3638).
+
Release 1.28 - 12/19/2021
* Upgrade log4j to 2.17.0 (TIKA-3625)
diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index ffd5adf..f590fc8 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -280,7 +280,7 @@
<guava.version>31.0.1-jre</guava.version>
<osgi.core.version>6.0.0</osgi.core.version>
- <cxf.version>3.4.5</cxf.version>
+ <cxf.version>3.5.0</cxf.version>
<slf4j.version>1.7.32</slf4j.version>
<log4j2.version>2.17.1</log4j2.version>
<jackson.version>2.13.1</jackson.version>
diff --git a/tika-parsers/pom.xml b/tika-parsers/pom.xml
index dcd0ad0..604e821 100644
--- a/tika-parsers/pom.xml
+++ b/tika-parsers/pom.xml
@@ -93,7 +93,7 @@
<dependency>
<groupId>com.fasterxml.woodstox</groupId>
<artifactId>woodstox-core</artifactId>
- <version>6.2.7</version>
+ <version>6.2.8</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
@@ -336,7 +336,7 @@
<dependency>
<groupId>com.rometools</groupId>
<artifactId>rome</artifactId>
- <version>1.16.0</version>
+ <version>1.18.0</version>
<exclusions>
<exclusion>
<groupId>org.jdom</groupId>
@@ -377,7 +377,7 @@
<dependency>
<groupId>com.github.junrar</groupId>
<artifactId>junrar</artifactId>
- <version>7.4.0</version>
+ <version>7.4.1</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
@@ -422,7 +422,7 @@
<dependency>
<groupId>org.xerial</groupId>
<artifactId>sqlite-jdbc</artifactId>
- <version>3.36.0</version>
+ <version>3.36.0.3</version>
<scope>provided</scope>
</dependency>
@@ -569,19 +569,19 @@
<dependency>
<groupId>com.beust</groupId>
<artifactId>jcommander</artifactId>
- <version>1.81</version>
+ <version>1.82</version>
</dependency>
<!--TIKA 2672 include a later version of jna as a direct dependency to resolve dependency convergence with tika-dl's
deeplearning4j-nn:1.0.0-SNAPSHOT -->
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
- <version>5.8.0</version>
+ <version>5.10.0</version>
</dependency>
<dependency>
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
- <version>3.15.6</version>
+ <version>3.19.4</version>
</dependency>
<dependency>
<groupId>edu.ucar</groupId>
diff --git a/tika-server/pom.xml b/tika-server/pom.xml
index 2530b3e..667dbdb 100644
--- a/tika-server/pom.xml
+++ b/tika-server/pom.xml
@@ -29,7 +29,7 @@
<url>http://tika.apache.org/</url>
<properties>
- <cxf.micrometer.version>1.8.1</cxf.micrometer.version>
+ <cxf.micrometer.version>1.8.2</cxf.micrometer.version>
<micrometer-extras.version>0.2.2</micrometer-extras.version>
</properties>