Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Neutral
Fix Version/s: BOM 6.2.23
Affects Version/s: None
Component/s: BOM
Labels:
- foundation_team

Template:
Acceptance criteria:

show more show less
Task DoR:

Empty

show more show less
Release notes required:

Yes

Waiting for JackRabbit 2.20.6 which is using Tika 2.4.0 (not vulnerable for now), see also https://issues.apache.org/jira/browse/JCR-4787

Skipped 2.20.5 released on 10th March 2022 https://jackrabbit.apache.org/jcr/downloads.html#v2.20 as it has vulnerable Tika version (see BUILD-813).
Let's see if it is possible to bump Tika to a non vulnerable 2.x version, since Tika 1.x will be EoL as of 30th September 2022. https://lists.apache.org/thread/yq6n7o01kw544dvj1jsoqk29g6yqjkp3

Acceptance criteria

is duplicated by

BUILD-755 Update JR to 2.20.5

Closed

is related to

MGNLEESOLR-172 Exclude dependency on tika-parsers 1.x

Closed

relates to

BUILD-663 Dismiss h2 vulnerabilities

Closed

mentioned in: Page Loading...

1.

Check compatibility of junjar license with GPLv3

Closed

Jan Haderka

Assignee:: Federico Grilli

Reporter:: Federico Grilli

Team:: Foundation

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 10/Feb/22 1:01 PM

Updated:: 19/Oct/22 4:58 PM

Resolved:: 08/Aug/22 5:05 PM

Date of First Response:: 02/Mar/22 12:18 PM

Task DoR