[ https://issues.apache.org/jira/browse/TIKA-3492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17387465#comment-17387465 ]
Hudson commented on TIKA-3492: ------------------------------ SUCCESS: Integrated in Jenkins build Tika ยป tika-branch1x-jdk8 #142 (See [https://ci-builds.apache.org/job/Tika/job/tika-branch1x-jdk8/142/]) TIKA-3492 -- upgrade rometools (tallison: [https://github.com/apache/tika/commit/8dc6c5c0e4200838a97000788da4852dea73a614]) * (edit) tika-parsers/pom.xml > Upgrade version for TPS: rome to 1.16.0 in tika-bundle > ------------------------------------------------------ > > Key: TIKA-3492 > URL: https://issues.apache.org/jira/browse/TIKA-3492 > Project: Tika > Issue Type: Bug > Affects Versions: 1.27 > Reporter: Shubhangi Raut > Priority: Major > Labels: upgrade > Fix For: 2.0.1, 1.28 > > > tika-bundle-1.27 uses rome-1.15.0. > There is following vulnerability reported in rome-1.15.0 as per Sonatype Data > Research: > [sonatype-2021-0802|https://vw-pun-bpm-bl15.bmc.com:8070/ui/links/vln/sonatype-2021-0802] > : > [rome-1.16.0|https://mvnrepository.com/artifact/com.rometools/rome/1.16.0] is > non-vulnerable version. Please consider upgrading to it in the next release. -- This message was sent by Atlassian Jira (v8.3.4#803005)