[
https://issues.apache.org/jira/browse/SLING-12184?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17793699#comment-17793699
]
Carsten Ziegeler commented on SLING-12184:
------------------------------------------
Well, I don't think it contradicts it, I didn't look at dependabot at all. But
I see your point.
I don't see a problem with using the version I updated to as even that one is 5
years old.
If you feel strong about it, please reopen this issue.
> Require at least Apache Tika 1.20
> ---------------------------------
>
> Key: SLING-12184
> URL: https://issues.apache.org/jira/browse/SLING-12184
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Carsten Ziegeler
> Assignee: Carsten Ziegeler
> Priority: Major
> Fix For: Commons MIME 2.3.0
>
>
> In order to avoid that clients use a vulnerable Apache Tika version, we
> should increase the minimum version required to at least 1.20
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
