Uploaded image for project: 'Flume'
  1. Flume
  2. FLUME-3125

Upgrade fontbox library dependency

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Critical
    • Resolution: Unresolved
    • 1.7.0
    • 1.8.1
    • None

    Description

      Group Artifact Version used Upgrade target
      org.apache.pdfbox fontbox 1.8.4 2.0.6

      Security vulnerability: http://www.cvedetails.com/cve/CVE-2016-2175/
      Maven repository: https://mvnrepository.com/artifact/org.apache.pdfbox/fontbox

      Please do:

      • CVE might be a false alarm or mistake. Please double check.
      • double check the newest version.
      • consider to remove a dependency if better alternative is available.
      • check whether the lib change would introduce a backward incompatibility (in which case please add this label `breaking_change` and fix version should be the next major)

      Excerpt from mvn dependency:tree

      org.apache.flume.flume-ng-sinks:flume-ng-morphline-solr-sink:jar:1.8.0-SNAPSHOT
+- org.kitesdk:kite-morphlines-all:pom:1.0.0:compile
|  +- org.kitesdk:kite-morphlines-solr-cell:jar:1.0.0:compile
|  |  +- org.apache.tika:tika-xmp:jar:1.5:compile
|  |  |  +- org.apache.tika:tika-parsers:jar:1.5:compile
|  |  |  |  +- org.apache.pdfbox:pdfbox:jar:1.8.4:compile
|  |  |  |  |  +- org.apache.pdfbox:fontbox:jar:1.8.4:compile

      Attachments

        Issue Links

          Is contained by

          Bug - A problem which impairs or prevents the functions of the product. FLUME-3150 Upgrade Kite version

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              sati Attila Simon
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: