[
https://issues.apache.org/jira/browse/DRILL-8164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17508656#comment-17508656
]
ASF GitHub Bot commented on DRILL-8164:
---------------------------------------
luocooong commented on pull request #2493:
URL: https://github.com/apache/drill/pull/2493#issuecomment-1072203334
@jnturton Thanks for the question. Yes, version 2.16.0 could not resolve the
safety issues. Actually, I hope that new progress will be made in the
discussions
[here](https://github.com/drewnoakes/metadata-extractor/issues/561), not that
the issue has been put on hold.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
> Upgrade metadata-extractor because of CVE-2022-24613
> ----------------------------------------------------
>
> Key: DRILL-8164
> URL: https://issues.apache.org/jira/browse/DRILL-8164
> Project: Apache Drill
> Issue Type: Task
> Affects Versions: 1.20.0
> Reporter: Cong Luo
> Assignee: Cong Luo
> Priority: Major
>
> Please note that the *metadata-extractor* is only used for format-image, so
> we should not define the version in the root *pom.xml* file.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
