[ https://issues.apache.org/jira/browse/OAK-9950?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nitin Gupta closed OAK-9950. ---------------------------- > Upgrade tika to 1.26 > --------------------- > > Key: OAK-9950 > URL: https://issues.apache.org/jira/browse/OAK-9950 > Project: Jackrabbit Oak > Issue Type: Task > Reporter: Nitin Gupta > Assignee: Nitin Gupta > Priority: Major > Fix For: 1.46.0 > > > BDSA-2021-0824 (CVE-2021-28657) > A carefully crafted or corrupt file may trigger an infinite loop in Tika's > MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to > 1.26 or later. > Used in: > - [https://github.com/apache/jackrabbit-oak/blob/trunk/oak-parent/pom.xml] -- This message was sent by Atlassian Jira (v8.20.10#820010)