[jira] [Commented] (TIKA-3616) Upgrade log4j2

[ https://issues.apache.org/jira/browse/TIKA-3616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17458246#comment-17458246 ] Abhijit Rajwade commented on TIKA-3616: --- What is release date of Version 2.1.1? > Upgrade log4j2 >

[jira] [Commented] (TIKA-3094) Apache Tika fails to extract text for pptx extension.

[ https://issues.apache.org/jira/browse/TIKA-3094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17204502#comment-17204502 ] Abhijit Rajwade commented on TIKA-3094: --- [~tallison] [~bob] [~hudson] I don't know if this issue is

[jira] [Commented] (TIKA-3094) Apache Tika fails to extract text for pptx extension.

[ https://issues.apache.org/jira/browse/TIKA-3094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17096324#comment-17096324 ] Abhijit Rajwade commented on TIKA-3094: --- Yes [~bob] thanks a lot for the prompt fix. > Apache Tika

[jira] [Comment Edited] (TIKA-3094) Apache Tika fails to extract text for pptx extension.

[ https://issues.apache.org/jira/browse/TIKA-3094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17095133#comment-17095133 ] Abhijit Rajwade edited comment on TIKA-3094 at 4/29/20, 7:37 AM: - I am

[jira] [Commented] (TIKA-3094) Apache Tika fails to extract text for pptx extension.

[ https://issues.apache.org/jira/browse/TIKA-3094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17095133#comment-17095133 ] Abhijit Rajwade commented on TIKA-3094: --- I am working with [~abchauha] on this issue. One question.

[jira] [Commented] (TIKA-2952) Vulnerable "metadata-extractor 2.11.0" is present in tika 1.22.

[ https://issues.apache.org/jira/browse/TIKA-2952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17020833#comment-17020833 ] Abhijit Rajwade commented on TIKA-2952: --- [~tallison] [~stappe2019] I see that for CVE-2019-14262 in

[jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571

Abhijit Rajwade created TIKA-3018: - Summary: log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 Key: TIKA-3018 URL: https://issues.apache.org/jira/browse/TIKA-3018 Project:

[jira] [Commented] (TIKA-2890) Critical security vulnerability in depedencies

[ https://issues.apache.org/jira/browse/TIKA-2890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16953702#comment-16953702 ] Abhijit Rajwade commented on TIKA-2890: --- Tim We are currently using Apache Tika 1.22 released

[jira] [Comment Edited] (TIKA-2890) Critical security vulnerability in depedencies

[ https://issues.apache.org/jira/browse/TIKA-2890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16953492#comment-16953492 ] Abhijit Rajwade edited comment on TIKA-2890 at 10/17/19 8:21 AM: -

[jira] [Commented] (TIKA-2890) Critical security vulnerability in depedencies

[ https://issues.apache.org/jira/browse/TIKA-2890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16953492#comment-16953492 ] Abhijit Rajwade commented on TIKA-2890: --- Jackson version 2.10.0 has a fix for the long standing

[jira] [Created] (TIKA-2855) pdfbox version used by both Apache Tika 1.19.1 and 1.20 is vulnerable

Abhijit Rajwade created TIKA-2855: - Summary: pdfbox version used by both Apache Tika 1.19.1 and 1.20 is vulnerable Key: TIKA-2855 URL: https://issues.apache.org/jira/browse/TIKA-2855 Project: Tika

[jira] [Updated] (TIKA-2717) Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Abhijit Rajwade updated TIKA-2717: -- Priority: Critical (was: Major) > Sonatype Nexus auditor is reporting that Jackson databind

[jira] [Comment Edited] (TIKA-2717) Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16757010#comment-16757010 ] Abhijit Rajwade edited comment on TIKA-2717 at 1/31/19 8:32 AM: I checked

[jira] [Commented] (TIKA-2717) Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16757010#comment-16757010 ] Abhijit Rajwade commented on TIKA-2717: --- I checked tika-app 1.20 jar It has following dependency.

[jira] [Commented] (TIKA-2717) Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16756092#comment-16756092 ] Abhijit Rajwade commented on TIKA-2717: --- Vulnerability is reported on {color:#00}org.apache.tika

[jira] [Commented] (TIKA-2802) Out of memory issues when extracting large files (pst)

[ https://issues.apache.org/jira/browse/TIKA-2802?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16743200#comment-16743200 ] Abhijit Rajwade commented on TIKA-2802: --- In which Tika version will this get resolved? > Out of

[jira] [Created] (TIKA-2717) Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable

Abhijit Rajwade created TIKA-2717: - Summary: Sonatype Nexus auditor is reporting that Jackson databind version used by Apache Tika is vulnerable Key: TIKA-2717 URL: https://issues.apache.org/jira/browse/TIKA-2717

[jira] [Created] (TIKA-2716) Sonatype Nexus auditor is reporting that spring framework vesrion used by Tika 1.18 is vulnerable

Abhijit Rajwade created TIKA-2716: - Summary: Sonatype Nexus auditor is reporting that spring framework vesrion used by Tika 1.18 is vulnerable Key: TIKA-2716 URL: https://issues.apache.org/jira/browse/TIKA-2716

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563444#comment-16563444 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000352 info   Issue

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563441#comment-16563441 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000344 info   Issue

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563439#comment-16563439 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000343 info   Issue

[jira] [Comment Edited] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563437#comment-16563437 ] Abhijit Rajwade edited comment on TIKA-2699 at 7/31/18 10:26 AM: -

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563438#comment-16563438 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000342 info   Issue

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563437#comment-16563437 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000340 info   Issue

[jira] [Commented] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

[ https://issues.apache.org/jira/browse/TIKA-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16563436#comment-16563436 ] Abhijit Rajwade commented on TIKA-2699: --- CVE-2016-1000338 info   Issue

[jira] [Created] (TIKA-2699) Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika

Abhijit Rajwade created TIKA-2699: - Summary: Security: Sonatype Nexus scan is reporting multiple vulnearbilities on the bouncy castle version used by Apache Tika Key: TIKA-2699 URL:

[jira] [Created] (TIKA-2686) pdfbox fontbox 2.0.8 has security vulnerability CVE-2018-8036 and should be upgraded to 2.0.11

Abhijit Rajwade created TIKA-2686: - Summary: pdfbox fontbox 2.0.8 has security vulnerability CVE-2018-8036 and should be upgraded to 2.0.11 Key: TIKA-2686 URL: https://issues.apache.org/jira/browse/TIKA-2686

[jira] [Commented] (TIKA-2577) Sonatype Nexus Auditor is reporting that the Bouncy castle version used by Tika 1.17 is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2577?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16369097#comment-16369097 ] Abhijit Rajwade commented on TIKA-2577: --- Never the less TPS scanning tools like Nexus auditor see

[jira] [Commented] (TIKA-2577) Sonatype Nexus Auditor is reporting that the Bouncy castle version used by Tika 1.17 is vulnerable

[ https://issues.apache.org/jira/browse/TIKA-2577?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16369070#comment-16369070 ] Abhijit Rajwade commented on TIKA-2577: --- Bouncy castle seems to be used by Tika for support of

[jira] [Created] (TIKA-2577) Sonatype Nexus Auditor is reporting that the Bouncy castle version used by Tika 1.17 is vulnerable

Abhijit Rajwade created TIKA-2577: - Summary: Sonatype Nexus Auditor is reporting that the Bouncy castle version used by Tika 1.17 is vulnerable Key: TIKA-2577 URL: https://issues.apache.org/jira/browse/TIKA-2577

[jira] [Commented] (TIKA-2499) Sonatype Nexus Auditor is reporting that Tika 1.13 is using a number of vulnerable Third party components.

[ https://issues.apache.org/jira/browse/TIKA-2499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16247714#comment-16247714 ] Abhijit Rajwade commented on TIKA-2499: --- Sonatype Nexus Audior shows that all current Apache tika

[jira] [Created] (TIKA-2499) Sonatype Nexus Auditor is reporting that Tika 1.13 is using a number of vulnerable Third party components.

Abhijit Rajwade created TIKA-2499: - Summary: Sonatype Nexus Auditor is reporting that Tika 1.13 is using a number of vulnerable Third party components. Key: TIKA-2499 URL: