On Tue, 11 Jun 2013, Damiano Albani wrote:
Thanks to the quick response from you guys, the issue is now fixed in the trunk <https://issues.apache.org/bugzilla/show_bug.cgi?id=54682>. Would you consider releasing an intermediary 3.9.1-like version of the * poi-scratchpad* artifact, which would include (at least) this fix?
We're planning a POI 3.10 beta 1 release shortly. (We'll likely kick off the release vote a few days after Dominik gets back from holiday, once he's applied his outstanding patches!). Most likely, we'd then do a final release a month or so later.
I'm a user of ModeShape, a Java Content Repository implementation. In the latest release, developers of ModeShape have disabled POI integration due to a security vulnerability<https://issues.jboss.org/browse/MODE-1934>
Not sure how sensible disabling for that one bug is. There are perfectly legitimite, valid, validating files out there which can cause Tika (via POI, or a number of other libraries it uses) to munch all your memory. Either you shrug and roll with it, or you run Tika in another VM (eg the Tika Server mode) so that you can restart it in the situation where you hit such a file.
Nick --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
