Today I've also used a master branch and got the same result.
On Mon, May 20, 2019 at 8:59 PM Tim Allison (JIRA) <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/TIKA-2878?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16844167#comment-16844167 > ] > > Tim Allison commented on TIKA-2878: > ----------------------------------- > > Yay! Thank you! > > > Update dependencies for 1.21.1 or 1.22 > > -------------------------------------- > > > > Key: TIKA-2878 > > URL: https://issues.apache.org/jira/browse/TIKA-2878 > > Project: Tika > > Issue Type: Task > > Reporter: Tim Allison > > Priority: Major > > > > And in the category of "stuff you can't make up"...while generating the > javadocs for the 1.21 release: > > We're now getting this in {{tika-parsers}}: > > {noformat} > > c3p0:c3p0:jar:0.9.1.1:compile; > https://ossindex.sonatype.org/component/pkg:maven/c3p0/[email protected] > > * [CVE-2019-5427] Resource Management Errors (7.5); > https://ossindex.sonatype.org/vuln/d25f4c21-9e76-4fc2-9d73-3770aa3aec56 > > {noformat} > > and in {{tika-server}}: > > {noformat} > > * [CVE-2019-10247] Information Exposure (5.3); > https://ossindex.sonatype.org/vuln/47ad4d7e-b9c3-414f-9bfa-1dfaa92b0aba > > * [CVE-2019-10241] Improper Neutralization of Input During Web Page > Generation ("Cross-site Scripting") (6.1); > https://ossindex.sonatype.org/vuln/970aece8-4a1d-4a9e-ab97-0982b13dac4d > > org.eclipse.jetty:jetty-server:jar:9.4.14.v20181114:compile; > https://ossindex.sonatype.org/component/pkg:maven/org.eclipse.jetty/[email protected] > > * [CVE-2019-10247] Information Exposure (5.3); > https://ossindex.sonatype.org/vuln/47ad4d7e-b9c3-414f-9bfa-1dfaa92b0aba > > * [CVE-2019-10241] Improper Neutralization of Input During Web Page > Generation ("Cross-site Scripting") (6.1); > https://ossindex.sonatype.org/vuln/970aece8-4a1d-4a9e-ab97-0982b13dac4d > > {noformat} > > > > -- > This message was sent by Atlassian JIRA > (v7.6.3#76005) >
