[tika] branch branch_2x updated: update some dependencies

Tue, 17 Oct 2023 06:52:28 -0700 

This is an automated email from the ASF dual-hosted git repository.

tallison pushed a commit to branch branch_2x
in repository https://gitbox.apache.org/repos/asf/tika.git


The following commit(s) were added to refs/heads/branch_2x by this push:
     new d8a85c7c7 update some dependencies
d8a85c7c7 is described below

commit d8a85c7c709cdd8f1dcc515eca1005ca325f0560
Author: tallison <talli...@apache.org>
AuthorDate: Tue Oct 17 09:51:22 2023 -0400

    update some dependencies
---
 tika-parent/pom.xml | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index 69c14fdfd..79e5952c1 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -306,7 +306,7 @@
 
     <!-- dependency versions -->
     <google.cloud.version>2.28.0</google.cloud.version>
-    <aws.version>1.12.565</aws.version>
+    <aws.version>1.12.567</aws.version>
     <!-- WARNING: when you upgrade asm make sure that you update the
         OpCode in the initializer in 
org.apache.tika.parser.asm.XHTMLClassVisitor
         See TIKA-2992.
@@ -331,7 +331,7 @@
     <commons.fileupload.version>1.5</commons.fileupload.version>
     <ctakes.version>4.0.0.1</ctakes.version>
     <!-- can't update to 3.6.0, needs jdk11 ? -->
-    <cxf.version>3.5.6</cxf.version>
+    <cxf.version>3.5.7</cxf.version>
     <ddplist.version>1.27</ddplist.version>
     <dl4j.version>1.0.0-M2</dl4j.version>
     <!-- fakeload versions > 0.4.0 require java > 8 -->
@@ -343,7 +343,7 @@
     <icu4j.version>62.2</icu4j.version>
     <imageio.version>1.4.0</imageio.version>
     <jackrabbit.version>2.21.19</jackrabbit.version>
-    <jackson.version>2.15.2</jackson.version>
+    <jackson.version>2.15.3</jackson.version>
     <javax.annotation.version>1.3.2</javax.annotation.version>
     <javax.jcr.version>2.0</javax.jcr.version>
     <javax.rest.version>2.1.1</javax.rest.version>
@@ -1061,12 +1061,6 @@
                 <artifactId>h2</artifactId>
                 <version>2.2.224</version>
             </exclude>
-            <!-- Project disagrees with CVE 
https://github.com/FasterXML/jackson-databind/issues/3972 -->
-            <exclude>
-                <groupId>com.fasterxml.jackson.core</groupId>
-                <artifactId>jackson-databind</artifactId>
-                <version>2.15.2</version>
-            </exclude>
           </excludeCoordinates>
           <fail>true</fail>
         </configuration>

Reply via email to