CVE-2018-11796: Apache Tika Denial of Service via XML Entity Expansion
Vulnerability
Severity: Medium
Vendor:
The Apache Software Foundation
Versions Affected:
Apache Tika 0.1 to 1.19
Description:
In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion
limit for XML parsing.
The Apache Tika project is pleased to announce the release of Apache
Tika 1.19.1. The release contents have been pushed out to the main
Apache release site and to the Maven Central sync, so the releases
should be available as soon as the mirrors get the syncs.
Apache Tika is a toolkit for
The Apache Arrow community is pleased to announce the 0.11.0 release. It
includes 288 resolved issues ([1]) since the 0.10.0 release.
The release is available now from our website and [2]:
https://arrow.apache.org/install/
Read about what's new in the release
The Apache Qpid (http://qpid.apache.org) community is pleased to announce
the immediate availability of Apache Qpid Proton 0.26.0.
Apache Qpid Proton is a messaging library for the Advanced Message Queuing
Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org). It can be used
in a wide range
