Should we consider backporting SOLR-14367 (the most recent Tika upgrade)? It addresses a CVE in Tika, and while I think we usually avoid changing 3rd party component versions in patch releases, but maybe we should in this case? The upgrade also looks like it was pretty straightforward (drop-in replacement).
Cassandra On Apr 2, 2020, 12:47 PM -0500, Ignacio Vera <[email protected]>, wrote: > Hi, > > I propose a quick 8.5.1 bugfix release and I volunteer as RM. The main > motivation for this release is LUCENE-9300 where Jim addressed a serious bug > that can lead to data corruption when merging indices via IW#addIndices. > > If there are no objections I am planning to create a RC early next week. > > Best regards, > > Ignacio > >
