[ https://issues.apache.org/jira/browse/OAK-9950 ]
Julian Reschke deleted comment on OAK-9950:
-------------------------------------
was (Author: nitigup):
trunk
[https://github.com/apache/jackrabbit-oak/commit/277829c198c9bdf583c7dcc06c96ce7f3f9d69b2]
> Upgrade tika to 1.26
> ---------------------
>
> Key: OAK-9950
> URL: https://issues.apache.org/jira/browse/OAK-9950
> Project: Jackrabbit Oak
> Issue Type: Task
> Reporter: Nitin Gupta
> Assignee: Nitin Gupta
> Priority: Major
> Labels: candidate_oak_1_22
> Fix For: 1.46.0
>
>
> BDSA-2021-0824 (CVE-2021-28657)
> A carefully crafted or corrupt file may trigger an infinite loop in Tika's
> MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to
> 1.26 or later.
> Used in:
> - [https://github.com/apache/jackrabbit-oak/blob/trunk/oak-parent/pom.xml]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
