[ 
https://issues.apache.org/jira/browse/TIKA-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16350406#comment-16350406
 ] 

Hudson commented on TIKA-2561:
------------------------------

SUCCESS: Integrated in Jenkins build Tika-trunk #1429 (See 
[https://builds.apache.org/job/Tika-trunk/1429/])
TIKA-2561 -- update jsoup version in grib parser to avoid xss vuln (tallison: 
[https://github.com/apache/tika/commit/c80241952fa2f515687c6479768d24d7e907653c])
* (edit) tika-parsers/pom.xml


> Tika Parser includes oudated/vulnerable version of JSoup
> --------------------------------------------------------
>
>                 Key: TIKA-2561
>                 URL: https://issues.apache.org/jira/browse/TIKA-2561
>             Project: Tika
>          Issue Type: Bug
>          Components: parser
>    Affects Versions: 1.17
>            Reporter: Asela
>            Priority: Major
>             Fix For: 2.0, 1.18
>
>
> org.apache.tika:tika-parsers:1.17 pulls in dependency JSoup 1.7.2.
>  
> JSoup versions older than 1.8.3 have a vulnerability in parsing.
>  
> https://nvd.nist.gov/vuln/detail/CVE-2015-6748



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to