[TIKA-3491] Upgrade version for TPS: commons-compress to 1.21 in tika-bundle - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.27
Fix Version/s: None
Component/s: None
Labels:
- upgrade

Description

tika-bundle-1.27 uses commons-compress-1.20.

There are following vulnerabilities reported in commons-compress-1.20 as per National Vulnerability Database:
1. CVE-2021-35515
2. CVE-2021-35516
3. CVE-2021-35517
4. CVE-2021-36090

commons-compress-1.21 is non-vulnerable version. Please consider upgrading to it in the next release.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Shubhangi Raut

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 22/Jul/21 07:33

Updated:: 22/Jul/21 07:33