Tim Allison created TIKA-2878: --------------------------------- Summary: Update dependencies for 1.21.1 or 1.22 Key: TIKA-2878 URL: https://issues.apache.org/jira/browse/TIKA-2878 Project: Tika Issue Type: Task Reporter: Tim Allison
And in the category of "stuff you can't make up"...while generating the javadocs for the 1.21 release: We're now getting this inĀ {{tika-parsers}}: {noformat} c3p0:c3p0:jar:0.9.1.1:compile; https://ossindex.sonatype.org/component/pkg:maven/c3p0/c3p0@0.9.1.1 * [CVE-2019-5427] Resource Management Errors (7.5); https://ossindex.sonatype.org/vuln/d25f4c21-9e76-4fc2-9d73-3770aa3aec56 {noformat} and in {{tika-server}}: {noformat} * [CVE-2019-10247] Information Exposure (5.3); https://ossindex.sonatype.org/vuln/47ad4d7e-b9c3-414f-9bfa-1dfaa92b0aba * [CVE-2019-10241] Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") (6.1); https://ossindex.sonatype.org/vuln/970aece8-4a1d-4a9e-ab97-0982b13dac4d org.eclipse.jetty:jetty-server:jar:9.4.14.v20181114:compile; https://ossindex.sonatype.org/component/pkg:maven/org.eclipse.jetty/jetty-server@9.4.14.v20181114 * [CVE-2019-10247] Information Exposure (5.3); https://ossindex.sonatype.org/vuln/47ad4d7e-b9c3-414f-9bfa-1dfaa92b0aba * [CVE-2019-10241] Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") (6.1); https://ossindex.sonatype.org/vuln/970aece8-4a1d-4a9e-ab97-0982b13dac4d {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)