ncy castle version used by
> Tika 1.17 is vulnerable
> --
>
> Key: TIKA-2577
> URL: https://issues.apache.org/jira/browse/TIKA-2577
> Project:
the
{{versions-maven-plugin}} so that we can track updates more easily.
> Sonatype Nexus Auditor is reporting that the Bouncy castle version used by
> Tika 1.17 is vulnerable
> --
>
>
ncy castle version used by
> Tika 1.17 is vulnerable
> --
>
> Key: TIKA-2577
> URL: https://issues.apache.org/jira/browse/TIKA-2577
> Project:
. Hopefully, that will solve this problem. Please reopen
if it doesn't.
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Key: TIKA-2693
> URL: https://issues.apache.org/jira/b
and 62592 in POI.
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Key: TIKA-2693
> URL: https://issues.apache.org/jira/browse/TIKA-2693
> Project: Tika
>
not supposed to work 100%.
Anyway, if he responds to my inquiry I will request he build new jars from the
branch that Tim created and see if they all work.
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
>
[
https://issues.apache.org/jira/browse/TIKA-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16574001#comment-16574001
]
Tim Allison commented on TIKA-2693:
---
Yikes! I hope all will be well. No rush on our part!
> Tika 1
out will
take a while.
We have agreed to hold our release until this code ships. For clients that
need the fix before that I am happy to build from your branch.
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
>
. It requires that
you've installed POI-4.0.0-SNAPSHOT in your local .m2 repo.
In haste, I removed some of the 1.x metadata keys that I'll need to put back
for 1.19, but this should get us at least started.
Let me know if there's anything I can do to make this easier.
> Tika 1.17 uses the wr
a branch that will depend on local installation of 4.0.0-SNAPSHOT.
Karl, would you be willing to build that locally and test?
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Key: TIKA-2693
>
/snapshot is
[here|https://builds.apache.org/view/P/view/POI/job/POI-DSL-1.8/lastSuccessfulBuild/artifact/build/dist/]
[~talli...@apache.org] Can you provide a Tika snapshot with your POI 4.0.0
changes?
> Tika 1.17 uses the wrong classloader for reflect
[
https://issues.apache.org/jira/browse/TIKA-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16573793#comment-16573793
]
Tim Allison commented on TIKA-2693:
---
What can I do to help?
> Tika 1.17 uses the wrong classloa
|https://bz.apache.org/bugzilla/show_bug.cgi?id=62564] and actually we
don't know if this solves the issue. So 3.17 is a deal-breaker and we need to
test on the SNAPSHOTs if it is working now.
> Tika 1.17 uses the wrong classloader for reflect
?
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Key: TIKA-2693
> URL: https://issues.apache.org/jira/browse/TIKA-2693
> Project: Tika
> Issue Type: Bug
>
going to
recommend holding off shipping MCF 2.11 until we either have a 1.19 Tika, or we
know we're not going to get it soon. Hopefully that helps. ;-)
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Ke
Sept.?
[1] All time units and estimates are in “open source time” and may have little
connection to an actual calendar.
> Tika 1.17 uses the wrong classloader for reflection
> ---
>
> Key: TIKA-2693
>
look forward
to upgrading POI to 4.0.0 as soon as it’s available...might make it into 1.19?
If not, we can roll 1.20 in early/mid Sept.?
[1] All time units and estimates are in “open source time” and may have little
connection to an actual calendar.
> Tika 1.17 uses the wrong classloa
ented on TIKA-2693:
> ---
>
> [~kiwiwings], when is Tika planning to go to POI 4.0.0?
>
>
> > Tika 1.17 uses the wrong classloader for reflection
> > ---
> >
> > Key: TIKA-2693
> >
[
https://issues.apache.org/jira/browse/TIKA-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16562606#comment-16562606
]
Karl Wright commented on TIKA-2693:
---
[~kiwiwings], when is Tika planning to go to POI 4.0.0?
> T
POI 4.0.0, but
4.0.0 has API-breaks caused by
[#62355|https://bz.apache.org/bugzilla/show_bug.cgi?id=62355] - and a moved
POIXMLTextExtractor is one of them. So this has to be tested after Tika is
adapted to POI 4.0.0.
> Tika 1.17 uses the wrong classloader for reflect
Karl Wright created TIKA-2693:
-
Summary: Tika 1.17 uses the wrong classloader for reflection
Key: TIKA-2693
URL: https://issues.apache.org/jira/browse/TIKA-2693
Project: Tika
Issue Type: Bug
Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.
!
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.
to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.9.2
> ---
>
>
the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.
://builds.apache.org/job/Tika-trunk/1437/])
Fix for TIKA-2570 contributed by ewanmellor. (commits:
[https://github.com/apache/tika/commit/55e10455cd655aa0df9a54cba7dcb244a94a181e])
* (edit) tika-parsers/pom.xml
* (edit) tika-translate/pom.xml
> Tika 1.17 uses vulnerable Jackson version 2.
[
https://issues.apache.org/jira/browse/TIKA-2570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tim Allison resolved TIKA-2570.
---
Resolution: Fixed
Fix Version/s: 2.0.0
1.18
> Tika 1.17 uses vulnera
at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.9.2
> ---
>
> Key: TIKA-2570
> URL: https://issues.apache.org/jira/browse/TIKA-2570
> Project: Tika
>
message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Tika 1.17 uses vulnerable Jackson version 2.
> Sonatype Nexus Auditor is reporting that the Bouncy castle version used by
> Tika 1.17 is vulnerable
> --
>
> Key: TIKA-2577
> URL: https://issues.apache.or
/signing,
I'm not sure that this CVE affects us?
> Sonatype Nexus Auditor is reporting that the Bouncy castle version used by
> Tika 1.17 is vulnerable
> --
>
>
of encrypted documents,
> Sonatype Nexus Auditor is reporting that the Bouncy castle version used by
> Tika 1.17 is vulnerable
> --
>
> Key: TIKA-2577
>
Abhijit Rajwade created TIKA-2577:
-
Summary: Sonatype Nexus Auditor is reporting that the Bouncy
castle version used by Tika 1.17 is vulnerable
Key: TIKA-2577
URL: https://issues.apache.org/jira/browse/TIKA-2577
[
https://issues.apache.org/jira/browse/TIKA-2570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Julian Reschke updated TIKA-2570:
-
Priority: Minor (was: Major)
> Tika 1.17 uses vulnerable Jackson version 2.
Julian Reschke created TIKA-2570:
Summary: Tika 1.17 uses vulnerable Jackson version 2.9.2
Key: TIKA-2570
URL: https://issues.apache.org/jira/browse/TIKA-2570
Project: Tika
Issue Type: Task
Ugh, thank you. Let's try plain text this time:
http://www.apache.org/dist/tika/CHANGES-1.17.txt
http://www.apache.org/dyn/closer.cgi/tika/apache-tika-1.17-src.zip
Also, I'll update the keys and link based on input from s...@apache.org.
Thank you, all!
Cheers,
Tim
On 14 December 2017 at 02:10, Tim Allison <talli...@apache.org> wrote:
> The Apache Tika project is pleased to announce the release of Apache Tika
> 1.17.
>
> The release contents have been pushed out to the main Apache release site
> and to the Maven Central sync, s
12, 2017 7:30 PM
To: u...@tika.apache.org
Subject: Re: [VOTE] Release Apache Tika 1.17 Candidate #2
Hello
On 9 December 2017 at 00:43, Tim Allison <talli...@apache.org> wrote:
Please vote on releasing this package as Apache Tika 1.17.
The vote is open for the next 72
Thank you, Luis!
One more vote, and we can release…
From: Luís Filipe Nassif [mailto:lfcnas...@gmail.com]
Sent: Tuesday, December 12, 2017 8:43 AM
To: u...@tika.apache.org
Cc: dev@tika.apache.org
Subject: Re: [VOTE] Release Apache Tika 1.17 Candidate #2
All seems ok after integrating in our
ion test on our 1M forensic test corpus...
>
> Luis
>
> 2017-12-08 22:43 GMT-02:00 Tim Allison <talli...@apache.org>:
>
>>
>>
>> On Friday, December 8, 2017, 7:43:05 PM EST, Tim Allison <
>> tallison_apa...@yahoo.com> wrote:
>>
>>
>&
lt;
> tallison_apa...@yahoo.com> wrote:
>
>
> A candidate for the Tika 1.17 release is available at:
> https://dist.apache.org/repos/dist/dev/tika/
>
> The release candidate is a zip archive of the sources in:
> https://github.com/apache/tika/tree/1
On Friday, December 8, 2017, 7:43:05 PM EST, Tim Allison
<tallison_apa...@yahoo.com> wrote:
A candidate for the Tika 1.17 release is available at:
https://dist.apache.org/repos/dist/dev/tika/
The release candidate is a zip archive of the sources in:
https://github.com/apach
There was a data transfer glitch to nexus. Will respin #2.
On Friday, December 8, 2017, 2:51:14 PM EST, Tim Allison
<talli...@apache.org> wrote:
A candidate for the Tika 1.17 release is available at:
https://dist.apache.org/repos/dist/dev/tika/
The release candidate is
A candidate for the Tika 1.17 release is available at:
https://dist.apache.org/repos/dist/dev/tika/
The release candidate is a zip archive of the sources in:
https://github.com/apache/tika/tree/1.17-rc1
The SHA1 checksum of the archive is 37f3cd19051160a8c488b1aa7ff25c3ae515c359.
In addition
sday, December 7, 2017 1:18 PM
> *To:* dev@tika.apache.org; Allison, Timothy B. <talli...@mitre.org>
> *Subject:* Fwd: Tika 1.17?
>
>
>
> Oh sorry, I thought I have sent to dev list, forwarding...
>
>
>
> Luis
>
>
>
> ------ Forwarded message --
, December 7, 2017 1:18 PM
To: dev@tika.apache.org; Allison, Timothy B. <talli...@mitre.org>
Subject: Fwd: Tika 1.17?
Oh sorry, I thought I have sent to dev list, forwarding...
Luis
-- Forwarded message --
From: Allison, Timothy B. <talli...@mitre.org<mailto:talli...@mitr
Oh sorry, I thought I have sent to dev list, forwarding...
Luis
-- Forwarded message --
From: Allison, Timothy B. <talli...@mitre.org>
Date: 2017-12-07 14:10 GMT-02:00
Subject: RE: Tika 1.17?
To: "lfcnas...@gmail.com" <lfcnas...@gmail.com>
Agreed. T
: Tika 1.17?
Hi Tim,
I've had a briefly look at exceptions folder, seems we are much better with ppt
(4677 fixed exceptions) and pdf (7798), but there are 208 new exceptions with
ppt. I did not check the files to see if they are corrupted, but some common
tokens were lost. Below the most common
; Let me know what you find.
>
> -Original Message-
> From: Allison, Timothy B. [mailto:talli...@mitre.org]
> Sent: Wednesday, November 29, 2017 1:08 PM
> To: dev@tika.apache.org
> Subject: RE: Tika 1.17?
>
> +1
>
> -Original Message-
> From: Chris Mattmann [mailto:
@tika.apache.org
Subject: RE: Tika 1.17?
+1
-Original Message-
From: Chris Mattmann [mailto:mattm...@apache.org]
Sent: Wednesday, November 29, 2017 12:57 PM
To: dev@tika.apache.org
Subject: Re: Tika 1.17?
Thanks so much for fixing this. It worked during MEMEX and then I think has
since fallen out
: Tika 1.17?
+1
-Original Message-
From: Chris Mattmann [mailto:mattm...@apache.org]
Sent: Wednesday, November 29, 2017 12:57 PM
To: dev@tika.apache.org
Subject: Re: Tika 1.17?
Thanks so much for fixing this. It worked during MEMEX and then I think has
since fallen out of date and perhaps
+1
-Original Message-
From: Chris Mattmann [mailto:mattm...@apache.org]
Sent: Wednesday, November 29, 2017 12:57 PM
To: dev@tika.apache.org
Subject: Re: Tika 1.17?
Thanks so much for fixing this. It worked during MEMEX and then I think has
since fallen out of date and perhaps I
e want to put into 1.17 before I run the regression tests?
-Original Message-
From: Allison, Timothy B. [mailto:talli...@mitre.org]
Sent: Monday, November 13, 2017 1:42 PM
To: dev@tika.apache.org
Subject: RE: Tika 1.17?
Y. You're right. Thank you!
.17 before I run the regression tests?
-Original Message-
From: Allison, Timothy B. [mailto:talli...@mitre.org]
Sent: Monday, November 13, 2017 1:42 PM
To: dev@tika.apache.org
Subject: RE: Tika 1.17?
Y. You're right. Thank you!
I think I've been avoiding that because there were some regress
Many thanks to Bob for help on TIKA-2502!
Anything else we want to put into 1.17 before I run the regression tests?
-Original Message-
From: Allison, Timothy B. [mailto:talli...@mitre.org]
Sent: Monday, November 13, 2017 1:42 PM
To: dev@tika.apache.org
Subject: RE: Tika 1.17?
Y
, 2017 2:54 PM
To: dev@tika.apache.org
Subject: RE: Tika 1.17?
TIKA-2486 might be worth blocking on since there is a CVE.
Tyler
On Nov 6, 2017 5:26 AM, "Allison, Timothy B." <talli...@mitre.org> wrote:
> Y. I'm happy enough to wait a few more days. I wasn't able to kick
&
the new parsers to run
> the regression tests?
>
> -Original Message-
> From: David Meikle [mailto:loo...@gmail.com]
> Sent: Friday, November 3, 2017 7:42 PM
> To: dev@tika.apache.org
> Subject: Re: Tika 1.17?
>
> Sounds good. I have a couple of new parsers I would li
@tika.apache.org
Subject: Re: Tika 1.17?
Sounds good. I have a couple of new parsers I would like to slot in but not
had a chance the last few months. Will go for it over the weekend, if that
works for you Tim.
Cheers,
Dave
On 3 November 2017 at 15:19, Mattmann, Chris A (3010) <
chris.a.ma
Sounds good. I have a couple of new parsers I would like to slot in but not
had a chance the last few months. Will go for it over the weekend, if that
works for you Tim.
Cheers,
Dave
On 3 November 2017 at 15:19, Mattmann, Chris A (3010) <
chris.a.mattm...@jpl.nasa.gov> wrote:
> Let’s make it
Let’s make it so (
++
Chris Mattmann, Ph.D.
Principal Data Scientist, Engineering Administrative Office (3010)
Manager, NSF & Open Source Projects Formulation and Development Offices (8212)
NASA Jet Propulsion Laboratory
All,
PDFBox 2.0.8 is now integrated. I want to fix TIKA-2490 before we release
1.17. Are there other issues that are blockers or you'd like to fix before
1.17 (TIKA-2471, maybe?)?
I plan to run initial large scale regression tests shortly for rfc822 and mbox
because of TIKA-2478. I'll run
61 matches
Mail list logo