[jira] [Commented] (TIKA-3539) jdom 2.0.6 dependency in tika-parser-news-module has unfixed CVE

Lewis John McGibbney (Jira) Wed, 29 Dec 2021 20:34:08 -0800


    [ 
https://issues.apache.org/jira/browse/TIKA-3539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17466682#comment-17466682
 ]


Lewis John McGibbney commented on TIKA-3539:
--------------------------------------------

This issue was fixed for 2.X in https://github.com/apache/tika/pull/469

> jdom 2.0.6 dependency in tika-parser-news-module has unfixed CVE
> ----------------------------------------------------------------
>
>                 Key: TIKA-3539
>                 URL: https://issues.apache.org/jira/browse/TIKA-3539
>             Project: Tika
>          Issue Type: Task
>          Components: parser
>    Affects Versions: 2.1.0
>            Reporter: Julian Reschke
>            Assignee: Lewis John McGibbney
>            Priority: Major
>             Fix For: 2.2.1
>
>
> Might be good to avoid the use of JDOM altogether.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (TIKA-3539) jdom 2.0.6 dependency in tika-parser-news-module has unfixed CVE

Reply via email to