Author: deepak
Date: Wed Jan 30 08:54:29 2019
New Revision: 1852504
URL: http://svn.apache.org/viewvc?rev=1852504&view=rev
Log:
Applied fix from trunk for revision: 1852503
===
Fixed: Upgrade Apache Tika to 1.20 (CVE-2018-8017/CVE-2018-17197)
In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.
A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.
Modified:
ofbiz/ofbiz-framework/branches/release18.12/ (props changed)
ofbiz/ofbiz-framework/branches/release18.12/build.gradle
Propchange: ofbiz/ofbiz-framework/branches/release18.12/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jan 30 08:54:29 2019
@@ -10,4 +10,4 @@
/ofbiz/branches/json-integration-refactoring:1634077-1635900
/ofbiz/branches/multitenant20100310:921280-927264
/ofbiz/branches/release13.07:1547657
-/ofbiz/ofbiz-framework/trunk:1850015,1850023,1850530,1850647,1850685,1850694,1850711,1850914,1850918,1850921,1850948,1850953,1851006,1851013,1851068,1851074,1851130,1851158,1851200,1851224,1851247,1851254,1851315,1851319,1851350,1851353,1851433,1851500,1851805,1851885,1851998
+/ofbiz/ofbiz-framework/trunk:1850015,1850023,1850530,1850647,1850685,1850694,1850711,1850914,1850918,1850921,1850948,1850953,1851006,1851013,1851068,1851074,1851130,1851158,1851200,1851224,1851247,1851254,1851315,1851319,1851350,1851353,1851433,1851500,1851805,1851885,1851998,1852503
Modified: ofbiz/ofbiz-framework/branches/release18.12/build.gradle
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/branches/release18.12/build.gradle?rev=1852504&r1=1852503&r2=1852504&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/branches/release18.12/build.gradle (original)
+++ ofbiz/ofbiz-framework/branches/release18.12/build.gradle Wed Jan 30 08:54:29 2019
@@ -150,8 +150,8 @@ dependencies {
compile 'org.apache.poi:poi:3.17'
compile 'org.apache.shiro:shiro-core:1.4.0'
compile 'org.apache.sshd:sshd-core:1.7.0'
- compile 'org.apache.tika:tika-core:1.18'
- compile 'org.apache.tika:tika-parsers:1.18'
+ compile 'org.apache.tika:tika-core:1.20'
+ compile 'org.apache.tika:tika-parsers:1.20'
compile 'org.apache.tomcat:tomcat-catalina-ha:9.0.13'
compile 'org.apache.tomcat:tomcat-catalina:9.0.13'
compile 'org.apache.tomcat:tomcat-jasper:9.0.13'
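Review bot: the version literal '1.20' is written out separately on the two added lines (tika-core and tika-parsers), so a later bump can update one coordinate and miss the other, leaving core and parsers on mismatched releases. Consider defining the Tika version once in build.gradle and referencing it from both coordinates. The log message gives the affected ranges as 1.2 to 1.18 for the IptcAnpaParser loop and 1.8-1.19.1 for the SQLite3Parser loop, so 1.19.x would still be exposed to the second issue; saying so in the log would make it clear to anyone backporting to another branch why the target is 1.20 and not the nearest release after 1.18.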