(tika) branch branch_2x updated: TIKA-4239: add version and exclusion for hdf5

Mon, 20 May 2024 00:18:38 -0700 

This is an automated email from the ASF dual-hosted git repository.

tilman pushed a commit to branch branch_2x
in repository https://gitbox.apache.org/repos/asf/tika.git


The following commit(s) were added to refs/heads/branch_2x by this push:
     new 0da543642 TIKA-4239: add version and exclusion for hdf5
0da543642 is described below

commit 0da54364291b94c92956a580ae124c48988e6c3d
Author: Tilman Hausherr <[email protected]>
AuthorDate: Mon May 20 09:18:17 2024 +0200

    TIKA-4239: add version and exclusion for hdf5
---
 tika-parent/pom.xml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index 0230308e0..36cb6e90f 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -338,6 +338,7 @@
     <!-- fakeload versions > 0.4.0 require java > 8 -->
     <fakeload.version>0.4.0</fakeload.version>
     <guava.version>33.2.0-jre</guava.version>
+    <hdf5.version>1.14.3-1.5.10</hdf5.version>
     <httpcomponents.version>4.5.14</httpcomponents.version>
     <httpcore.version>4.4.16</httpcore.version>
     <!-- versions greater than 62.2 are not compatible with icu4j handler in 
lucene 8.11.1 -->
@@ -983,6 +984,16 @@
           <artifactId>stax2-api</artifactId>
           <version>4.2.2</version>
       </dependency>
+      <dependency>
+          <groupId>org.bytedeco</groupId>
+          <artifactId>hdf5</artifactId>
+          <version>${hdf5.version}</version>
+      </dependency>
+      <dependency>
+          <groupId>org.bytedeco</groupId>
+          <artifactId>hdf5-platform</artifactId>
+          <version>${hdf5.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
 
@@ -1109,6 +1120,19 @@
               <artifactId>threetenbp</artifactId>
               <version>1.6.9</version>
             </coordinate>
+            <!-- while waiting for 1.14.4 to appear on maven central, see
+                 
https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
+            -->
+            <coordinate>
+                <groupId>org.bytedeco</groupId>
+                <artifactId>hdf5</artifactId>
+                <version>1.14.3-1.5.10</version>
+            </coordinate>
+            <coordinate>
+                <groupId>org.bytedeco</groupId>
+                <artifactId>hdf5-platform</artifactId>
+                <version>1.14.3-1.5.10</version>
+            </coordinate>
           </excludeCoordinates>
           <fail>true</fail>
         </configuration>

Reply via email to