The reports are here: https://corpora.tika.apache.org/base/reports/reports-tika-2.5.0-v-2.6.0.tgz
All looks good to me. Unless there are objections, I'll kick off the release process shortly. On Tue, Nov 1, 2022 at 2:46 PM Tim Allison <[email protected]> wrote: > All, > On the user list, Fred Kurz let us know that there's now a fix > for CVE-2022-42003 (jackson-databind). > Once we upgrade, should we work towards a release over the next few days? > Given the changes since 2.5.0, I'm inclined to 2.6.0. Any objections? > Thank you! > > Best, > > Tim >
