Update to 3.2.3. Or are you asking for the specific commit because you
want to stay with 2.* ? In that later case, the 2.* repository branch
contains the fix, but there won't be a 2.9.4 release. But you can
download the source and build locally.
https://github.com/apache/tika/tree/branch_2x
Tilman
Am 25.09.2025 um 15:37 schrieb Saravanan Balakrishnan:
Hello All,
We are running into a problem that fix for CVE-2025-54988 is went in
Tika 3.2.2 and we have a limitation to upgrade Tika 3.2.2 in our
product's earlier version. Kindly look for feasibility to port fix for
"CVE-2025-54988" which went in Tika 3.2.2 in Tika 2.9.4 would be great.
Thanks in advance.
Regards,
Saravanan B
