[
https://issues.apache.org/jira/browse/DRILL-8164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17507473#comment-17507473
]
ASF GitHub Bot commented on DRILL-8164:
---------------------------------------
jnturton commented on pull request #2493:
URL: https://github.com/apache/drill/pull/2493#issuecomment-1068970869
Unfortunately I think that metadata-extractor 2.16 is still vulnerable to
CVE-2022-24613 and I cannot see any newer version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
> Upgrade metadata-extractor because of CVE-2022-24613
> ----------------------------------------------------
>
> Key: DRILL-8164
> URL: https://issues.apache.org/jira/browse/DRILL-8164
> Project: Apache Drill
> Issue Type: Task
> Affects Versions: 1.20.0
> Reporter: Cong Luo
> Assignee: Cong Luo
> Priority: Major
>
> Please note that the *metadata-extractor* is only used for format-image, so
> we should not define the version in the root *pom.xml* file.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
