[
https://issues.apache.org/jira/browse/NIFI-9869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17517662#comment-17517662
]
ASF subversion and git services commented on NIFI-9869:
-------------------------------------------------------
Commit 118b205e8a14e59fd40383db33c76570db4c7ba5 in nifi's branch
refs/heads/support/nifi-1.16 from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=118b205e8a ]
NIFI-9869 Upgraded Apache POI from 5.0.0 to 5.2.2
- Upgraded direct dependencies in nifi-email-processors and nifi-poi-processors
- Upgraded transitive dependency in nifi-media-bundle
This closes #5927
Signed-off-by: Mike Thomsen <[email protected]>
> Upgrade Apache POI to 5.2.2
> ---------------------------
>
> Key: NIFI-9869
> URL: https://issues.apache.org/jira/browse/NIFI-9869
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Labels: dependency-upgrade, security
> Fix For: 1.17.0, 1.16.1
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Several extension modules use Apache POI for parsing Microsoft Office
> documents. Apache POI version 5.2.2 includes several bug fixes, including a
> resolution for CVE-2022-26336, which impacts poi-scratchpad.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
