[jira] [Commented] (TIKA-4302) Please generate a new 2.9.x deployment

Tilman Hausherr (Jira) Wed, 28 Aug 2024 02:08:06 -0700


    [ 
https://issues.apache.org/jira/browse/TIKA-4302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17877298#comment-17877298
 ]


Tilman Hausherr commented on TIKA-4302:
---------------------------------------

I looked at CVE-2024-29857. The "worst" that could happen is high CPU load.

> Please generate a new 2.9.x deployment
> --------------------------------------
>
>                 Key: TIKA-4302
>                 URL: https://issues.apache.org/jira/browse/TIKA-4302
>             Project: Tika
>          Issue Type: Task
>    Affects Versions: 2.9.2
>            Reporter: Alan Klein
>            Priority: Major
>
> It appears that a number of dependencies were updated in TIKA-4166
> Would you be able to generate a new 2.9.x deployment that includes the 
> changes in TIKA-4166 ? I am specifically looking to address CVE-2024-29857 
> (High) which is due to Bouncy Castle.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TIKA-4302) Please generate a new 2.9.x deployment

Reply via email to