[ https://issues.apache.org/jira/browse/OFBIZ-10826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16756010#comment-16756010 ]
Deepak Dixit commented on OFBIZ-10826: -------------------------------------- This has been fixed in R17.12 framework at r#1852517 If we want to backport this to 16.11, we need to update apache poi to atleast 3.17 > Upgrade Apache Tika to 1.20 (CVE-2018-8017/CVE-2018-17197) > ---------------------------------------------------------- > > Key: OFBIZ-10826 > URL: https://issues.apache.org/jira/browse/OFBIZ-10826 > Project: OFBiz > Issue Type: Bug > Affects Versions: Trunk, 17.12.01, 16.11.05, 18.12.01 > Reporter: Deepak Dixit > Assignee: Deepak Dixit > Priority: Major > > Need to upgrade Apache tika to 1.20. > Here are the several security vulnerabilities reported for Apache Tika > https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=%22Apache%20tika%22 -- This message was sent by Atlassian JIRA (v7.6.3#76005)