[
https://issues.apache.org/jira/browse/SOLR-17901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18044729#comment-18044729
]
Isabelle Giguere commented on SOLR-17901:
-----------------------------------------
IMHO, and looking at PR 3780:
Since Solr 9.x already supports either in-process or Tika Server, and it
clearly documents that in-process Tika disappears in Solr 10, I don't think
there's a need to remove in-process Tika from 9.11... Provided Solr 10 becomes
available soon-ish (10.0-alpha is available).
Supporting both in-process and Tika Server can allow users to start changing
their integration. And keeping an old Tika can just help in pushing people to
the new Tika Server integration.
I'm willing to keep busy, but, this doesn't seem to be worth the effort.
> CVE-2024-21742: vulnerability in apache-mime4j-core 0.8.4 dependency
> --------------------------------------------------------------------
>
> Key: SOLR-17901
> URL: https://issues.apache.org/jira/browse/SOLR-17901
> Project: Solr
> Issue Type: Bug
> Affects Versions: 9.9.0
> Reporter: Alexander Veit
> Priority: Major
> Labels: security
>
> {{org.apache.james:apache-mime4j-core:0.8.4}} (Apr 2021) which is included in
> Solr 9.9.0 comes with CVE-2024-21742 (Score 5.3).
> https://nvd.nist.gov/vuln/detail/CVE-2024-21742
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
