(tika) branch branch_3x updated: TIKA-4326: add/update logback because of CVE

Sat, 21 Dec 2024 08:32:09 -0800 

This is an automated email from the ASF dual-hosted git repository.

tilman pushed a commit to branch branch_3x
in repository https://gitbox.apache.org/repos/asf/tika.git


The following commit(s) were added to refs/heads/branch_3x by this push:
     new 132f394c2 TIKA-4326: add/update logback because of CVE
132f394c2 is described below

commit 132f394c24ebfb567e7119dd7f3c06df981ec2ee
Author: Tilman Hausherr <[email protected]>
AuthorDate: Sat Dec 21 17:31:21 2024 +0100

    TIKA-4326: add/update logback because of CVE
---
 tika-parent/pom.xml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index 48465407c..8a51ed6b3 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -454,6 +454,7 @@
     <zookeeper.version>3.8.4</zookeeper.version>
     <zstd.version>1.5.6-8</zstd.version>
     <nimbus-jose-jwt.version>9.48</nimbus-jose-jwt.version>
+    <logback.version>1.5.13</logback.version>
     <javacpp.version>1.5.11</javacpp.version>
     <maven.site.version>3.8.0</maven.site.version>
     <maven.exec.version>3.5.0</maven.exec.version>
@@ -1006,6 +1007,17 @@
         <artifactId>maven-plugin-annotations</artifactId>
         <version>${maven.plugin.annotations.version}</version>
       </dependency>
+      <!-- for zookeeper to avoid security fail -->
+      <dependency>
+          <groupId>ch.qos.logback</groupId>
+          <artifactId>logback-core</artifactId>
+          <version>${logback.version}</version>
+      </dependency>
+      <dependency>
+          <groupId>ch.qos.logback</groupId>
+          <artifactId>logback-classic</artifactId>
+          <version>${logback.version}</version>
+      </dependency>
       <dependency>
           <groupId>org.bytedeco</groupId>
           <artifactId>hdf5</artifactId>

Reply via email to